Tim Newsham

Tim Newsham is a computer security professional. He has been contributing to the security community for more than a decade. He has performed research while working at security companies including @stake, Guardent, ISS, and Network Associates (originally Secure Networks).[1]

Contributions

Newsham is best known for co-authoring the paper Insertion, Evasion and Denial of Service: Eluding Network Intrusion Detection[2] with Thomas Ptacek, a paper that broke every Network Intrusion Detection product on the market and has been cited by more than 150 academic works on Network Intrusion Detection since.[3]

He has published other prominent white papers:

  • The Problem With Random Increments[4]
  • Format String Attacks[5]
  • Cracking WEP Keys: Applying Known Techniques to WEP Keys[6]

In addition to his research, Newsham is also known for his pioneering work on security products, including:

  • Internet Security Scanner
  • Ballista (Cybercop) Scanner
  • The software that would later drive Veracode

WEP Security

Newsham partially discovered the Newsham 21-bit WEP attack. The Newsham 21-bit attack is a method used primarily by KisMAC to brute force WEP keys. It is effective on routers such as Linksys, Netgear, Belkin, and D-Link but does not affect Apple or 3Com, as they use their own algorithms for generating WEP keys. Using this method allows for the WEP key to be retrieved in less than a minute. When the WEP keys are generated, they use a text based key that is generated using a 21-bit algorithm instead of the more secure 40-bit encryption algorithm, but the router presents the key to the user as a 40-bit key. This method is 2^19 times faster to brute force than a 40-bit key would be, allowing modern processors to break the encryption rapidly.[7][8]

In 2008, Newsham was awarded a Lifetime Achievement Pwnie award.[9]

gollark: In that case I'd say you're doing it wrong. You can send a random bit of data, stick it in an associative array or whatever stupid thing it's called mapping it to whatever this secret is, and then API 2 can take the random data, and find the secret in that associative array.
gollark: Look, if the client can't read the data anyway, *you can just send and store random junk*.
gollark: (by you I mean whoever wrote your stuff)
gollark: So I guess it's not *its* fault you're using it stupidly and wrong.
gollark: Ah, says here it's something about using a slow key derivation function.

References

  1. "Tim Newsham's Personal Webpage". Retrieved 2011-08-26.
  2. Newsham, Timothy; and Ptacek, Thomas (1998-01). Insertion, Evasion and Denial of Service: Eluding Network Intrusion Detection. January 1998. Retrieved from http://insecure.org/stf/secnet_ids/secnet_ids.html.
  3. "Citation Query Insertion, Evasion and Denial of Service". CiteSeerX. Retrieved 2011-08-29.
  4. The Problem With Random Increments. Retrieved from http://www.thenewsh.com/~newsham/random-increments.pdf.
  5. Format String Attacks. Retrieved from http://seclists.org/bugtraq/2000/Sep/0214.html.
  6. Cracking WEP Keys: Applying Known Techniques to WEP Keys. Retrieved from http://www.lava.net/~newsham/wlan/WEP_password_cracker.pdf.
  7. http://kismac-ng.org/ kismac-ng.org
  8. http://projects.cerias.purdue.edu/secprog/class3/7.Wireless.pdf
  9. "2008 Pwnie Awards". Retrieved 2011-08-29.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.