[ISN] Using the Fluhrer, Mantin, and Shamir Attack to Break WEP

From: InfoSec News (isnat_private)
Date: Wed Aug 08 2001 - 01:40:27 PDT

  • Next message: InfoSec News: "[ISN] DefCon: hacking for human rights"

    Forwarded by: William Knowles <wkat_private>
    AT&T Labs Technical Report TD-4ZCPZZ, August 6, 2001 
    Adam Stubblefield 
    John Ioannidis 
    Aviel D. Rubin 
    We implemented an attack against WEP, the link-layer security protocol
    for 802.11 networks. The attack was described in a recent paper by
    Fluhrer, Mantin, and Shamir. With our implementation, and permission
    of the network administrator, we were able to recover the 128 bit
    secret key used in a production network, with a passive attack. The
    WEP standard uses RC4 IVs improperly, and the attack exploits this
    design failure. This paper describes the attack, how we implemented
    it, and some optimizations to make the attack more efficient. We
    conclude that 802.11 WEP is totally insecure, and we provide some
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Wed Aug 08 2001 - 04:08:56 PDT