Tuesday, May 29, 2007

I bet you thought WEP couldn't get any worse...

WEP has been cracked _again_. Read the description: it is a devastating break. Crypto by committee, especially when not done by expert cryptographers with a well-defined threat model, is really, really bad. This page also summarizes some of the previous weaknesses of WEP.

I hope you have switched to WPA or an alternative by now if you care about wireless privacy and keeping people off of your network.

If this isn't enough, run a VPN like OpenVPN or IPSec (although I don't favor IPSec anymore for many reasons; that's another crypto by committee with its own problems).

We were able to extend Klein's attack and optimize it for usage against WEP. Using our version, it is possible to recover a 104-bit WEP key with probability 50% using just 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good conditions. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40-bit keys too with an even higher success probability.
