Cisco Aironet 350 Workgroup Bridges Release Notes

Release Notes for Cisco Aironet Workgroup Bridges Running Firmware Release 8.80
OL-1653-01
Step 6  Click Load in the Diagnostics column near the top of the page.
Step 7  In the Value column, click Browse. Find the local drive where you saved the new firmware version and select the firmware file.
Step 8  Click Send. The new firmware is loaded and the workgroup bridge reboots.
New Features
This section describes new features in firmware version 8.80.
Key Hashing Support
Firmware version 8.8 supports key hashing. When a WEP key is used to encrypt and decrypt transmitted 
data, each packet includes an initialization vector (IV), a 24-bit field that changes with each packet. The 
RC4 Key Scheduling Algorithm creates the IV from the base WEP key. A flaw in the WEP 
implementation of RC4 allows the creation of “weak” IVs that give insight into the base key. A hacker 
can exploit this flaw by gathering packets encrypted with the same key and using the weak IVs to 
calculate the base key.
By hashing the base key with the IV to create a new key for each packet, WEP key hashing removes the 
predictability that an intruder relies on to determine the WEP key by exploiting the IVs. Key hashing is 
implemented in the radio firmware on both the transmitter and recipient of encrypted packets. 
Message Integrity Check Support
Firmware version 8.80 supports message integrity check (MIC). The use of MIC thwarts an active attack 
designed to determine the WEP key used to encrypt intercepted packets. This active attack is a 
combination of bit-flipping and replay attacks, which proceeds as follows:
1. A hacker intercepts a WEP-encrypted packet.
2. The hacker flips bits in the packet and recalculates the ICV CRC32.
3. The hacker transmits the bit-flipped frame with a known IV to the access point.
4. The access point accepts and forwards the frame because the CRC32 is correct.
5. The Layer 3 device rejects the frame and sends a predictable response.
6. The access point encrypts the response and sends it to the hacker.
7. The hacker uses the response to derive the WEP key (stream cipher).
When MIC support is implemented on the root AP of a cell, all associated radio devices in that cell are 
instructed by the AP to start using MIC when transmitting data. No MIC configuration is required on 
those devices associated to the root AP. Then each device in that cell transmitting a packet adds a few 
bytes (the MIC) before encrypting and transmitting that packet. When the recipient receives the packet, 
it decrypts it and checks the MIC. If the MIC is intact and unmodified, the recipient accepts the packet. 
If the MIC is not intact and has been modified, the recipient discards the packet.
Because MIC is activated on the access point, not on the client device, there is no effective way to have 
a MIC “setting” on the workgroup bridge.
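The recipient-side check described above, as an added example that is not part of the release notes and is not Cisco's code: it shows why the CRC32 ICV alone accepts a frame modified in transit while a keyed MIC causes the recipient to discard it. The MIC here is a truncated HMAC-SHA256 used as a stand-in (the page does not specify Cisco's MIC algorithm or length), and the IV, keys and function names are constructed for illustration.

```python
import hashlib
import hmac
import zlib

MIC_LEN = 8  # assumption: the page only says "a few bytes"
IV, WEP_KEY, MIC_KEY = b"\x01\x02\x03", b"constructed40", b"constructed-mic-key"  # constructed

def rc4(key: bytes, n: int) -> bytes:
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                            # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data: bytes) -> bytes:                    # WEP integrity value: unkeyed CRC32
    return zlib.crc32(data).to_bytes(4, "little")

def mic(mic_key: bytes, payload: bytes) -> bytes:  # stand-in keyed MIC, not Cisco's
    return hmac.new(mic_key, payload, hashlib.sha256).digest()[:MIC_LEN]

def seal(iv, wep_key, payload, mic_key=None):
    body = payload + (mic(mic_key, payload) if mic_key else b"")
    body += icv(body)                             # MIC is added before encryption
    return xor(body, rc4(iv + wep_key, len(body)))

def receive(iv, wep_key, frame, mic_key=None):
    """Recipient check: return the payload if accepted, None if discarded."""
    body = xor(frame, rc4(iv + wep_key, len(frame)))
    data, tag = body[:-4], body[-4:]
    if icv(data) != tag:
        return None                               # ICV mismatch
    if mic_key is None:
        return data                               # plain WEP: CRC32 is the only check
    payload, got = data[:-MIC_LEN], data[-MIC_LEN:]
    return payload if hmac.compare_digest(got, mic(mic_key, payload)) else None

def modify_in_transit(frame, delta):              # needs no key: CRC32 is linear
    d = delta.ljust(len(frame) - 4, b"\0")
    return xor(frame, d + xor(icv(d), icv(bytes(len(d)))))
```

Without the MIC key, `receive` returns the altered payload for a frame passed through `modify_in_transit`; with it, the same alteration yields `None`.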