Using the Fluhrer, Mantin, and Shamir Attack to Break WEP

From: aleph1at_private
Date: Thu Aug 09 2001 - 16:39:53 PDT

  • Next message: Power Steve: "sniffing X traffic."

    Using the Fluhrer, Mantin, and Shamir Attack to Break WEP
    Adam Stubblefield, John Ioannidis, Avial D. Rubin
    We implemented an attack against WEP, the link-layer security protocol
    for 802.11 networks. The attack was described in a recent paper by Fluhrer,
    Mantin, and Shamir. With our implementation, and permission of the network
    administrator, we were able to recover the 128 bit secure key used in a
    production network, with a passive attack. The WEP standard uses RC4 IVs
    improperly, and the attack exploits this design failure. This paper describes
    the attack, how we implemented it, and some optimizations to make the
    attack more efficient. We conclude that 802.11 WEP is totally insecure, and
    we provide some recommendations.
    Elias Levy
    Si vis pacem, para bellum
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:

    This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 07:37:58 PDT