weak iv filtering

Unanswered Question
Feb 25th, 2003

Do the Cisco 340/350 series of products, access points and clients, perform weak IV filtering? I haven't been able to find any reference to this in documentation or a search of this site.


Tye

ndoshi Sun, 03/02/2003 - 11:31
User Badges:
  • Cisco Employee,

Hi,

Weak IV creates weakness in WEP encryption. It is a 24-bit clear text integer.

To protect the IV you need to turn on a feature called TKIP.

Cisco supports TKIP and MIC both ...

TKIP is to protect the weak IV (it uses a hash function - one-way hash function).

And MIC is for data integrity.


http://www.cisco.com/en/US/products/hw/wireless/ps430/products_white_paper09186a00800b469f.shtml


I hope this helps


Nilesh


thammerle Mon, 03/03/2003 - 06:00

There is a misunderstanding of my question. I understand weak IV and I understand TKIP and MIC.


My question is simply "Does Cisco 340/350 series equipment perform weak IV filtering?"


If you do not understand the question or know the answer, please forward to the next level of support.


Tye

aonibala Thu, 03/06/2003 - 05:24

The "known" weak IV ranges for both 64 and 128-bit may not be enough to filter. There may be other ranges that have not been discovered. So putting in a weak IV filter is a band-aid solution. I do not think Cisco would ever use it. As stated by NDOSHI, Cisco TKIP and MIC features are a far better solution. Please read my articles about TKIP at: http://wlanresearch.com/LEAPVPN.htm


:-) Audie

thammerle Thu, 03/06/2003 - 05:33

It is indeed a band-aid and it is a nice layer to add to defense in depth. TKIP and MIC are certainly valuable. I am already familiar with them.


The reason for my question was to find out how high the WEP cracking risk is to Cisco devices with WEP enabled and not using TKIP or MIC. Based on what I have learned so far, the various techniques available to crack WEP keys will fail with Cisco gear due to apparent weak IV filtering. It is not an advertised or supported feature, but nonetheless it appears to be in use on Cisco wireless gear. They would be foolish not to implement it. Evidence also indicates several competitors have adopted weak IV filtering.


Tye
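
For readers unfamiliar with the term used in this thread, the following is an added example (not part of any post, and not Cisco's firmware) of what a sender-side weak IV filter does for the one published class of weak WEP IVs, the Fluhrer-Mantin-Shamir form (A+3, 255, X), for both 64-bit and 128-bit WEP. The function names and the big-endian counter layout are assumptions; it covers only that single class, so any other weak ranges pass through unfiltered, which is the limitation raised above.

```python
# Added illustration: skip FMS-class weak IVs when choosing the next WEP IV.
# Names and the counter byte order are assumptions, not vendor code.

RC4_STATE_MAX = 0xFF  # N-1 for RC4's 256-entry state table


def secret_key_len(wep_bits):
    """Secret key length in bytes for the marketed WEP size (64 -> 5, 128 -> 13)."""
    if wep_bits not in (64, 128):
        raise ValueError("WEP size must be 64 or 128")
    return (wep_bits - 24) // 8  # the 24-bit IV is counted in the marketed size


def is_fms_weak(iv, wep_bits):
    """True if the 3-byte IV has the form (A+3, 255, X), A being a key byte index."""
    if len(iv) != 3:
        raise ValueError("WEP IV is exactly 3 bytes")
    first, second, _ = iv
    return second == RC4_STATE_MAX and 3 <= first < 3 + secret_key_len(wep_bits)


def next_filtered_iv(counter, wep_bits):
    """Advance a 24-bit IV counter, skipping weak values.

    Returns (iv_bytes, new_counter). The counter wraps at 2**24, so IV reuse
    still happens eventually; filtering does nothing about that.
    """
    while True:
        counter = (counter + 1) & 0xFFFFFF
        iv = counter.to_bytes(3, "big")
        if not is_fms_weak(iv, wep_bits):
            return iv, counter


def filtered_iv_count(wep_bits):
    """How many of the 2**24 IVs this filter removes (256 per key byte)."""
    return secret_key_len(wep_bits) * 256


if __name__ == "__main__":
    for bits in (64, 128):
        print(bits, "bit WEP: filter removes", filtered_iv_count(bits), "IVs")
    print(next_filtered_iv(0x03FEFF, 64))  # jumps over the whole 03:FF:xx block
```

The filtered set depends on key length, so an IV such as 08:FF:07 is passed for 64-bit WEP but skipped for 128-bit WEP.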

