Breaking 104 bit WEP in less than 60 seconds

by Vitaly Popovich [Published on 5 April 2007 / Last Updated on 5 April 2007]


Erik Tews, Ralf-Philipp Weinmann, and Andrei Pyshkin from Technische Universit.at Darmstadt wrote an interesting article on WEP security where they published a new algorithm to break WEP very quickly.
Here is the abstract:
We demonstrate an active attack on the WEP protocol that is able to recover a104-bit WEP key using less than 40.000 frames with a success probability of 50%. In order tosucceed in 95% of all cases, 85.000 packets are needed. The IV of these packets can be randomlychosen. This is an improvement in the number of required frames by more than an order ofmagnitude over the best known key-recovery attacks for WEP. On a IEEE 802.11g network, thenumber of frames required can be obtained by re-injection in less than a minute. The requiredcomputational effort is approximately 220 RC4 key setups, which on current desktop and laptopCPUs is negligible.
You can download the article from here: http://eprint.iacr.org/2007/120.pdf
Personally, I hope that WEP dies ASAP and is replaced by WPA in most cases.

Erik Tews, Ralf-Philipp Weinmann, and Andrei Pyshkin from Technische Universit.at Darmstadt wrote an interesting article on WEP security where they published a new algorithm to break WEP very quickly.

Here is the abstract:

We demonstrate an active attack on the WEP protocol that is able to recover a
104-bit WEP key using less than 40.000 frames with a success probability of 50%. In order to
succeed in 95% of all cases, 85.000 packets are needed. The IV of these packets can be randomly
chosen. This is an improvement in the number of required frames by more than an order of
magnitude over the best known key-recovery attacks for WEP. On a IEEE 802.11g network, the
number of frames required can be obtained by re-injection in less than a minute. The required
computational effort is approximately 220 RC4 key setups, which on current desktop and laptop
CPUs is negligible.

You can download the article from here: http://eprint.iacr.org/2007/120.pdf


Personally, I hope that WEP dies ASAP and is replaced by WPA in most cases.

Add Review or Comment

Featured Links