WEP security is worthless - can be cracked in a minute

Posted on Wednesday, Apr 04 2007 @ 12:51 CEST by Thomas De Maesschalck
Security experts say the WEP security protocol for WiFi networks is totally broken and should be dumped on sensitive networks.

Researchers from Darmstadt Polytechnic say that by intercepting 85,000 packets it's possible to find the key 95 percent of the time:
WEP has been known to be insecure since 2001 after Scott Fluhrer, Itsik Mantin, and Adi Shamir published an analysis of the RC4 stream cipher. Since then crackers have been able to recover the key to a greater or lesser degree of success.

In 2005, Andreas Klein presented another analysis of the RC4 stream cipher which proved there more correlations between the RC4 keystream. Darmstadt boffins took this idea and managed to adapt it so that it was possible to recover a 104 bit WEP key half the time using just 40,000 captured packets.

Using 40,000 packets, which can be captured in less than a minute, computation takes about three seconds on a Pentium M 1.7 GHz.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments