1. Home
  2. Wireless Networking
  3. NEWS: Breaking WEP in minutes, or even seconds

NEWS: Breaking WEP in minutes, or even seconds

...

Many home internet users rely on an encryption system called Wireless Equivalent Protection (WEP) to stop others using their wi-fi link, even though WEP has long been known to be flawed.

In early April three cryptographic researchers at the Darmstadt Technical University in Germany revealed a method of exploiting the flaws far more effectively.

Before now it took at least 20 minutes of monitoring the airwaves before it was possible to break in to a wireless network protected by WEP.

Now, armed with a program written by the researchers, it is possible to break in to the same network far faster.

"Breaking in to a WEP protected network is now very easy to do," said Erik Tews, one of the researchers.

"Doing it in 60 seconds is realistic, or five minutes in the very worst case. We think now that WEP is really dead and we recommend that no-one should use it."

In its place he recommends an encryption system called Wi-fi Protected Access (WPA), introduced four years ago to replace WEP. "We have had a very close look at WPA and we can't find anything to exploit," he said.

[MORE]
Reply to
John Navas
Loading thread data ...

Even WPA without extra hardening, can be broken, see below instrcuction video:

formatting link

-aljuhani

Reply to
aljuhani

On 30 Apr 2007 21:00:07 -0700, aljuhani wrote in :

Utter nonsense -- too many serious errors for me to waste time listing them (e.g., to disable SSID broadcast, which is worse than pointless).

WPA with a recommended passphrase defeats a brute force attack and thus can't be broken by that silly video.

Reply to
John Navas

aljuhani hath wroth:

Yech, Powerpoint. Most of the presentation is about WEP cracking. The WPA part uses aircrack and a dictionary attack. That only works for fairly short pass phrases that are in the wordlist. Even simple measures, such as using foreign words or long pass phrases, renders the dictionary attack ineffective.

Reply to
Jeff Liebermann

The important words here are: "it is possible".

See:

Message-ID:

Reply to
Axel Hammerschmidt

On Tue, 1 May 2007 12:33:52 +0200, snipped-for-privacy@hotmail.com (Axel Hammerschmidt) wrote in :

Which, when it comes to security, should put the matter to rest. Otherwise you're playing Russian Roulette.

That doesn't give me much sense of security. You?

Reply to
John Navas

On Tue, 01 May 2007 05:30:58 GMT, John Navas wrote in :

p.s. WPA does have a weakness in that it can be attacked offline (using captured data), but that weakness only matters in the case of weak passphrases that can be cracked with a dictionary or brute force attack. The recommended passphrase (longer than 20 characters) makes a dictionary or brute force attack infeasible.

Reply to
John Navas

Why?

When you look closer, it's not a big deal.

Reply to
Axel Hammerschmidt

On Tue, 1 May 2007 18:22:25 +0200, snipped-for-privacy@hotmail.com (Axel Hammerschmidt) wrote in :

It's like unsafe sex. Infection is "possible", not certain, but the consequences are high.

We'll just have to agree to disagree. I sincerely wish you the best of luck.

Reply to
John Navas

John, sorry to intrude, but you post this or a similar article often enough for it to hit my troll filters now.

Perhaps you could try to post some actual new information about WEP occasionally? I mean, everyone and their dog knows its crap, but just bcos someon can do it slightly faster isn't news. Uunless the victim is a worthy target nobody is going to bother anyway.

MJMM, hiding behind more layers than Shrek.

Reply to
Mark McIntyre

On Tue, 01 May 2007 22:49:07 +0100, Mark McIntyre wrote in :

This is "actual new information", as should be obvious from the material I quoted, and is easily found with Google:

"Breaking 104 bit WEP in less than 60 seconds"

Abstract. We demonstrate an active attack on the WEP protocol that is able to recover a 104-bit WEP key using less than 40.000 frames with a success probability of 50%. In order to succeed in 95% of all cases, 85.000 packets are needed. The IV of these packets can be randomly chosen. This is an improvement in the number of required frames by more than an order of magnitude over the best known key-recovery attacks for WEP. On a IEEE 802.11g network, the number of frames required can be obtained by re-injection in less than a minute. The required computational effort is approximately 220 RC4 key setups, which on current desktop and laptop CPUs is neglegible.

Reply to
John Navas

Try explaining what's being done here in your own words.

Reply to
Axel Hammerschmidt

On Wed, 2 May 2007 21:48:39 +0200, snipped-for-privacy@hotmail.com (Axel Hammerschmidt) wrote in :

Try making a real contribution here instead of just trying to snipe at others.

Reply to
John Navas

All you have noticed is the eye-catching headline you can use.

Reply to
Axel Hammerschmidt

On Wed, 2 May 2007 23:15:43 +0200, snipped-for-privacy@hotmail.com (Axel Hammerschmidt) wrote in :

I rest my case.

Reply to
John Navas

You think, you have a case?

Reply to
Axel Hammerschmidt

How 'bout answering the question, instead of hiding behind smart responses? I didn't see anything particularly new in the article you referenced - in fact it read rather like journalism pretending to be a paper.

Reply to
Mark McIntyre

You would be better advised to answer the question. At the moment, anyone reading this thread will be saying "hm, John can't actually explain whats new, it seems".

Reply to
Mark McIntyre

It's demonstrably a parrot.

It needs a cage, not a case.

Reply to
News

On Thu, 03 May 2007 00:26:51 +0100, Mark McIntyre wrote in :

Again, we'll just have to agree to disagree.

Reply to
John Navas

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.