[VOIPSEC] Cisco 7920 wireless IP Phones
Robert Moskowitz
rgm at icsalabs.com
Thu May 26 15:03:21 CDT 2005
At 10:28 AM 5/26/2005, Bernie L. Dixon wrote:
>Under 802.11i AES 256-bit encryption is available.
Not in the standard. Only AES 128 is defined. Of course any vendor can
define their own cipher suite to support AES 256 for high-security DoD
requirements.
>This tool would stand no chance against that encryption (nor any other
>tool to date); however,
When we were doing some early IP security work, Noel Chiappa stated:
"In a house with 100 windows, the crook only needs one to be open."
The standards all have best of class in them. But this does not stop a
user from doing bad things.
In the IKEv2 debates we tried to require cipher suites to cut down on bad
user choices and lost to à la carte.
>Bad cryptographic implementations can be broken. WEP 64 or 128 is no
>challenge, but AES implemented properly - no way (yet).
Depends on the mode of operation and a few other factors.
For example, AES-CBC where the IV is a counter (low Hamming distance attack).
AES-CTR without key replacement before counter reuse (simple XOR attack).
>Any encryption adds overhead. We need to get over that fact and move on.
>Security in itself adds overhead, so is our answer not to do any? I think
>not. Let's design security into the architecture at the beginning of its
>life cycle so we stop doing the band-aid approach to fixing security
>problems. Offset the performance impact by proper engineering during all
>phases of implementation, not as an afterthought.
And it is about time we start using all those cycles for something as basic
as security.
Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of Cybertrust, Inc.
W: 248-968-9809
F: 248-968-2824
VoIP: 248-291-0713
E: rgm at icsalabs.com
There's no limit to what can be accomplished if it doesn't matter who gets
the credit
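
The AES-CTR point in the message above (counter reuse without key replacement), as an added example that is not part of the original post: a CTR session that refuses to encrypt once its counter space is used up, plus a check showing what leaks when the counter restarts under the same key. SHA-256 stands in for the AES block function because the Python standard library has no AES; `CtrSession`, `RekeyRequired` and `counter_bits` are hypothetical names, and the sample messages are constructed.

```python
import hashlib

BLOCK = 16  # bytes per keystream block, matching the AES block size


def keystream_block(key: bytes, counter: int) -> bytes:
    # Stand-in for AES_K(counter) (assumption: SHA-256 truncated to 16 bytes).
    # The reuse property shown here is the same for any CTR keystream.
    return hashlib.sha256(key + counter.to_bytes(16, "big")).digest()[:BLOCK]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class RekeyRequired(Exception):
    """Raised when encrypting would repeat a counter value under one key."""


class CtrSession:
    def __init__(self, key: bytes, counter_bits: int = 32):
        self.key = key
        self.limit = 1 << counter_bits  # number of distinct counter values
        self.next_counter = 0

    def encrypt(self, plaintext: bytes) -> bytes:
        blocks = -(-len(plaintext) // BLOCK)  # ceiling division
        if self.next_counter + blocks > self.limit:
            raise RekeyRequired("counter space exhausted; install a new key")
        out = bytearray()
        for i in range(blocks):
            ks = keystream_block(self.key, self.next_counter + i)
            out += xor(plaintext[i * BLOCK:(i + 1) * BLOCK], ks)
        self.next_counter += blocks
        return bytes(out)

    def rekey(self, new_key: bytes) -> None:
        # New key, so the counter may safely start again from zero.
        self.key, self.next_counter = new_key, 0


def keystream_reused(c1: bytes, c2: bytes, p1: bytes, p2: bytes) -> bool:
    # With a repeated keystream the key cancels out: C1 xor C2 == P1 xor P2.
    return xor(c1, c2) == xor(p1, p2)
```

Two sessions started from counter zero with the same key make `keystream_reused` return True; one session that keeps counting, or one that is rekeyed, does not.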