Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Encryption Security

New Weakness in 802.11 WEP 5

tim finin writes: "WEP is the security protocol used in the widely deployed IEEE 802.11 wireless LAN's. "Weaknesses in the Key Scheduling Algorithm of RC4" by Scott Fluhrer, Itsik Mantin and Adi Shamir describes new results on RC4 with a practical attack against WEP -- an extremely powerful attack which can be applied even when WEP's RC4 stream cipher uses a 2048 bit secret key (its maximal size) and 128 bit IV modifiers (as proposed in WEP2). The attacker can be a completely passive eavesdropper (i.e., he does not have to inject packets, monitor responses, or use accomplices) and thus his existence is essentially undetectable. After scanning several hundred thousand packets, the attacker can completely recover the secret key and thus decrypt all the ciphertexts. The running time of the attack grows linearly instead of exponentially with the key size, and thus it is negligible even for 2048 bit keys." The brave can jump straight to the paper in pure, clean, postscript or PDF format.
This discussion has been archived. No new comments can be posted.

New Weakness in 802.11 WEP

Comments Filter:
  • 2. I have not yet seen an access point that really gives you the freedom to use whatever the client wants. Typically, you have to configure the access point to certain strategy (40 bit, 128 bit encryption), and every single client must know the key and follow that everyone sharing the same encryption key.

    I have not personally used these since their release but here's ciscos [cisco.com] new access points that are suppose to support unique keys per client and other things, but the new crack would invalidate this improvement too.

    Anyone have details or use this cisco stuff??
  • Better hope these guys don't get arrested for putting out this paper...

    (Not that there's any chance of it. But still, it makes you think.)
    -----
  • This is not on the front page because????

  • This will mean tons of wireless LAN hardware will have to go in the junker. This isn't a small problem, its a BIG security hole, in hardware that is being used today in thousands of homes.

    Either way, when will we learn that any security measure will eventually be compromised, its only a matter of time. Using lousy encryption schemes as was the case here, will only mean that a hole in the security is found sooner rather than later.

...there can be no public or private virtue unless the foundation of action is the practice of truth. - George Jacob Holyoake

Working...