WEP Broken Even Worse
collin.m writes in with news of results out of Darmstadt. Erik Tews and others there have demonstrated how to recover a 104-bit WEP key in under a minute, requiring the capture of fewer than 10% the number of packets the previous best method called for. The paper is here (PDF). Quoting: "We were able to extend Klein's attack and optimize it for usage against WEP. Using our version, it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets... for 85,000 data packets [the success probability is] about 95%... 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz..."
Re:Who even still uses WEP? (Score:4, Informative)
Nintendo's response to this is, last I checked, "well, disable WEP and then turn off your computer," which is obviously ridiculous.
Re:Does this still depend on weak IVs? (Score:5, Informative)
According to the article, the attack does not require weak IVs. They haven't actually tested against WEPplus, but expect the attack to still work against it. In other words, WEP in all its forms is now nothing more than an electronic "No trespassing" sign and a 3-foot fence.
Re:Can ARC4 be used properly at all? (Score:5, Informative)
RC4 is still just as secure as it was before these WEP attacks.
Re:What about 64 and 128 bit? (Score:3, Informative)
WEP uses a 24 bit initialization vector, and the rest is left for the actual key. So 40 bit = 64 bit - 24 bit IV. Same for 128 = 104. People just use the terms interchangeably (for better or for worse).
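As an added example (not code from the thread or from the paper), the key layout the post describes, in Python: the 3-byte IV is prepended to the 5- or 13-byte secret to seed RC4, so only 2^24 distinct per-packet keys exist for one secret. It goes a step further than the post with an IV-reuse check of the kind a wireless IDS would run; the secret and IV values are constructed.

```python
from collections import Counter

# Added example (not from the thread): how WEP builds each frame's RC4 key from
# the 24-bit IV plus the secret, and a WIDS-style check for IVs that repeat.

IV_BITS = 24
IV_SPACE = 1 << IV_BITS  # 16,777,216 distinct IVs, then they must repeat

def wep_key_bits(secret: bytes) -> tuple:
    """(secret bits, marketed bits): 5-byte secrets are the '64-bit' product,
    13-byte secrets the '128-bit' one; the gap is the 24-bit IV."""
    if len(secret) not in (5, 13):
        raise ValueError("WEP secrets are 5 or 13 bytes (40 or 104 bits)")
    return len(secret) * 8, len(secret) * 8 + IV_BITS

def per_packet_key(iv: bytes, secret: bytes) -> bytes:
    """RC4 is seeded with IV || secret; only the 3 IV bytes change per frame."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 3 bytes")
    return iv + secret

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4 (KSA then PRGA), returning the first n keystream bytes."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def reused_ivs(ivs: list) -> dict:
    """IVs seen more than once under one secret: every repeat means two frames
    share an identical keystream, which a wireless IDS should alert on."""
    return {iv: c for iv, c in Counter(ivs).items() if c > 1}

if __name__ == "__main__":
    secret = bytes.fromhex("0123456789abcdef0123456789")  # constructed 104-bit key
    ivs = [b"\x00\x00\x01", b"\x00\x00\x02", b"\x00\x00\x01"]  # constructed, wrapped
    print(wep_key_bits(secret), reused_ivs(ivs))
    same = (rc4_keystream(per_packet_key(ivs[0], secret), 8)
            == rc4_keystream(per_packet_key(ivs[2], secret), 8))
    print("identical keystream for repeated IV:", same)
```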
Re:Can ARC4 be used properly at all? (Score:5, Informative)
However, you can apparently upgrade your DS to support WPA with a hacked firmware [geekboy.ca]. It's not clear from the page, but I am fairly sure that it only supports TKIP encryption and not AES since, like WEP, TKIP uses RC4 and so does not require a hardware upgrade. It does, however, solve the initialization vector problems of WEP that another poster mentioned; as far as I know, TKIP has not been broken.
Moral? If you're still using WEP, update your drivers and firmware and you may be able to get TKIP WPA and get those pesky neighbors off of your connection.
Re:Who even still uses WEP? (Score:3, Informative)
2 of them are WPA-PSK (including mine)
12 of them are unsecured.
The rest are WEP.
7 of the WEP encrypted ones are the DSL router/wireless access point that AT&T hands out. As far as I can tell this piece of hardware can't be configured in any way; you can't even change your WEP key.
Re:Nice try but... (Score:5, Informative)
Rainbow tables, dictionaries, and the like are all just variations on brute force. They accelerate the process, but either way you're not actually breaking the encryption but instead using a crapload of processor power to try one key after another until you hit the right one.
Saying WPA is insecure because there is a brute force tool for it is like saying a lock is insecure because I could go and start trying combinations. 1-1-1....1-1-2....1-1-3.........
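An added example (not code from the thread) making the post's point concrete: the standard WPA-PSK derivation, PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt (IEEE 802.11i), which is why a precomputed table is tied to one SSID and why the attack is a key-by-key search rather than a break of the cipher. The guess rates and SSIDs used below are constructed values.

```python
import hashlib
import math

# Added example (not from the thread): WPA-PSK turns the passphrase into a 256-bit
# key with PBKDF2-HMAC-SHA1, 4096 rounds, salted by the SSID (IEEE 802.11i).
ROUNDS = 4096

def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Pairwise master key as the standard derives it from the passphrase."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), ROUNDS, 32)

def table_transfers(passphrase: str, ssid_a: str, ssid_b: str) -> bool:
    """Does a PSK precomputed for ssid_a also fit ssid_b?  Because the SSID is the
    salt, a rainbow table is bound to one SSID; renaming the network voids it."""
    return wpa_psk(passphrase, ssid_a) == wpa_psk(passphrase, ssid_b)

def guess_work_bits(alphabet_size: int, length: int) -> float:
    """log2 of the passphrase space: each extra character adds log2(alphabet) bits."""
    return length * math.log2(alphabet_size)

def expected_days(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    """Mean time to cover half the space at a (constructed) guess rate; every guess
    costs a full 4096-round PBKDF2, which is what keeps the search slow."""
    return alphabet_size ** length / 2 / guesses_per_second / 86400

if __name__ == "__main__":
    # IEEE 802.11i Annex H test vector: passphrase "password", SSID "IEEE"
    print(wpa_psk("password", "IEEE").hex())
    print(table_transfers("password", "IEEE", "IEEE-guest"))  # False: different salt
    print(guess_work_bits(10, 8), guess_work_bits(62, 16))
    print(expected_days(10, 8, 1000.0), expected_days(62, 16, 1000.0))
```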
Re:Can ARC4 be used properly at all? (Score:3, Informative)
Cabling sucks if you don't have easy access to air returns or the return doesn't go to the right spot. I'm reluctant in any event to use Wi-Lan for anything.
Re:Can ARC4 be used properly at all? (Score:3, Informative)
The good news is that Sheetrock is easy to do. If you don't mind fairly major DIY projects, it wouldn't be that hard to tear open a wall, add conduit, and put the wall back. If you plan carefully, you will likely only need to cut into one wall for every two rooms.
Re:Corporate Greed (Score:2, Informative)
It is in principle, but not in practice. Think of WPA TKIP as a strengthened WEP. They both even use the same encryption schemes. But the vulnerability that affects WEP isn't present in WPA TKIP because TKIP is designed to change keys every 10,000 or so packets. Since you need about two orders of magnitude as many unique IVs to crack this encryption scheme in a reasonable amount of time, you're safe.
Easily spoofed. (Score:3, Informative)
Plus, once an attacker has enough packets, he or she can divulge the necessary MAC address from those packet headers, so it's not really as great an aid as many claim...
Re:Mac Filtering ! (Score:3, Informative)
"MAC filtering: This is like handing a security guard a pad of paper with a list of names. Then when someone comes up to the door and wants entry, the security guard looks at the person's name tag and compares it to his list of names and determines whether to open the door or not. Do you see a problem here? All someone needs to do is watch an authorized person go in and forge a name tag with that person's name. The comparison to a wireless LAN here is that the name tag is the MAC address. The MAC address is just a 12-digit-long hex number that can be viewed in clear text with a sniffer. A sniffer to a hacker is like a hammer to a carpenter except the sniffer is free. Once the MAC address is seen in the clear, it takes about 10 seconds to cut-paste a legitimate MAC address into the wireless Ethernet adapter settings and the whole scheme is defeated. MAC filtering is absolutely worthless since it is one of the easiest schemes to attack. The shocking thing is that so many large organizations still waste the time to implement these things. The bottom line is, MAC filtering takes the most effort to manage with zero ROI (return on investment) in terms of security gain."