Tim Newsham


Tim Newsham is a computer security professional. He has been contributing to the security community for more than a decade. He has performed research while working at security companies including @stake, Guardent, ISS, and Network Associates.

Contributions

Newsham is best known for co-authoring the paper Insertion, Evasion and Denial of Service: Eluding Network Intrusion Detection with Thomas Ptacek, a paper that broke every Network Intrusion Detection product on the market and has been cited by more than 150 academic works on Network Intrusion Detection since.
He has published other prominent white papers:
In addition to his research, Newsham is also known for his pioneering work on security products, including:
Newsham partially discovered the Newsham 21-bit WEP attack. The Newsham 21-bit attack is a method used primarily by KisMAC to brute force WEP keys. It is effective on routers such as Linksys, Netgear, Belkin, and D-Link but does not affect Apple or 3Com, as they use their own algorithms for generating WEP keys. Using this method allows for the WEP key to be retrieved in less than a minute. When the WEP keys are generated, they use a text based key that is generated using a 21-bit algorithm instead of the more secure 40-bit encryption algorithm, but the router presents the key to the user as a 40-bit key. This method is 2^19 times faster to brute force than a 40-bit key would be, allowing modern processors to break the encryption rapidly.
In 2008, Newsham was awarded a Lifetime Achievement Pwnie award.