Who Forgot to Invite the Cryptographers?

• Hardened crypto may not be hardened security

• • Flaws in algorithms
  • Flaws in design
  • Flaws in implementation

• WEP used RC4 – 128 bit cryptography

• • Lots of design and implementation errors

• WPA was suppose to address flaws in WEP

• • Still some problems in WPA-PSK

• SSL servers on APs may be using shared certificates

• • Static shared certificates are worse than shared keys
  • People can download firmware with certificates to your AP
  • Dynamic, self-signed, certificates are better than shared certs