Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Security Wireless Networking Hardware IT

WEP Broken Even Worse 393

collin.m writes in with news of results out of Darmstadt. Erik Tews and others there have demonstrated how to recover a 104-bit WEP key in under a minute, requiring the capture of fewer than 10% the number of packets the previous best method called for. The paper is here (PDF). Quoting: "We were able to extend Klein's attack and optimize it for usage against WEP. Using our version, it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets... for 85,000 data packets [the success probability is] about 95%... 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz..."
This discussion has been archived. No new comments can be posted.

WEP Broken Even Worse

Comments Filter:
  • by Myria ( 562655 ) on Tuesday April 03, 2007 @05:48PM (#18595335)
    Can ARC4 be used securely at all? Or are WEP's failings its own fault?

    On a somewhat related note, I'm annoyed that wireless encryption was implemented in hardware. Nintendo DS's wireless is worthless to me since the encryption system can't be upgraded.
  • So what... (Score:2, Interesting)

    by gatkinso ( 15975 ) on Tuesday April 03, 2007 @05:53PM (#18595419)
    ....well, not really.

    But many home users run their access point completely open and never have a problem. WEP still will make an attacker have to actually break in - negating their excuses of "well it *was* wide open , so..."

    Of course, this vulenrability applies to those would wish to/need to secure their networks.
  • by Zarhan ( 415465 ) on Tuesday April 03, 2007 @05:57PM (#18595493)
    For some reason I can't get the paper to load, but anyway, does this still depend on weak initialization vectors?

    I know that the original attack did depend on that, and most software and basestations have since been configured to avoid those weak IVs. I know that some stuff (like Nokia's basestations) are still weak agains the original attack (at least when tested with Kismet), however, against Cisco Aironets and almost any newer hardware I haven't been able to see this weakness in action when trying out if it really works...

    (Terabeam uses the term "WEPPlus" about this - see http://www.terabeam.com/solutions/whitepapers/wep- plus.php [terabeam.com] )

    Anyway, if this is just extension of the original attack, then it still requires those weak IVs to exist.

    Or is it something completely new?
  • by andy55 ( 743992 ) on Tuesday April 03, 2007 @06:05PM (#18595639) Homepage
    This may be a dumb question, but why does TFA only refer to 40 and 104 bit WEP when the more common variants seem to be 64 and 128 bits?
  • by geekinaseat ( 1029684 ) on Tuesday April 03, 2007 @07:07PM (#18596559) Homepage

    This isn't really news. It's pretty smart that they have managed to crack WEP with so few IVs (it usually takes about 200,000 for 64bit and just under a million for 128bit) but in reality this doesn't change (or expose) WEPs inherent vuneribilities at all, for example I am currently doing my dissertation on wireless security and in tests WEP64 on average can be cracked in about 3 minutes and WEP128 in about 10 minutes so getting this down to a minute doesn't really change the fact that a hacker could capture enough packets simply by hanging around and drinking a coffee using the "old" tools.

    An interesting sidenote is that the amount of time a hacker needs to be near a target WLAN for WPA-PSK is measured in seconds making it much more insecure if it has a weak passphrase than WEP is even now with crack times under a minute.

    Please if you want a secure home wireless network choose WPA-PSK and make the passphrase as long and as abstract as possible, nothing else is safe -and if you have the cash... buy a radius server

  • by dissy ( 172727 ) on Tuesday April 03, 2007 @07:18PM (#18596705)
    Shame about the file fragments (or whole files) they'll find on your harddrive.. which the court will compell you to produce to a forensic expert. You're better off planting a worm infection on your computer.. then claim you were part of a botnet.

    Totally valid point. One of the main reasons you should stay under the radar and not get a finger pointed at you if at all possible.

    While excuses such as 'someone was on my wireless' are totally valid, the court will indeed check your systems, and once they find the files in question, add one purgery charge if you attempted to use that wireless excuse.

    Alot more care needs to be taken to hide ALL of your downloads of that nature. Warez, music, video, everything.

    Encrypted disks will be found, and now it's up to a judge to choose between your excuse why you can't show the court whats in it, and the FUD the procecuter will throw out.

    Hiding your data on removable media (disk or otherwise) or even hidden systems, still seems like it would rely on luck of them not being found (Remember, in the USA, its quite possible for a raid first, sue later, depending on the source of the files. Alot more likely in massive busts than simple riaa/mpaa auto-lawsuits thou.)

    Even your work infection idea isnt too good in all cases. "Yes your honor, we believe the computer was infected and part of a botnet.. so those files were put there by some hacker. The defendant just found them and played the music and watched the videos.. er, i mean the hacker somehow loaded them to the video player cache.. er, i mean the hacker must have gotten into his set top box and streamed media there too..."

    Most patterns of usage of those types of files will not match what a botnet/trojan would do with them.

    Making this type of attack public is Great for ppl who really didn't commit a crime and their wireless was used by someone else to do it. One less seeming item of proof to use aginst them.

    But for the people really breaking the law and trying to lie about it after getting caught, you will need aLOT more planning to go into your excuse(s), and enough mucking with your system to hide things that it will not be convienent at all to use your pirated booty.

    Of course that call is up to you.
    But if you are breaking the current laws, don't expect this one thing alone to help you out much if at all if you get caught.
  • by MS-06FZ ( 832329 ) on Tuesday April 03, 2007 @07:22PM (#18596757) Homepage Journal

    So, for instance, the laptops of the house would all use WPA and the NDS would use WEP?

    That wouldn't really increase the overall security of the network. If somebody wanted to break in, he'd just crack the WEP encryption..
    I am aware of that flaw. However, I'm attempting to make the best of a bad situation - a perfect solution is not possible.

    The idea is that by having the NDS and only the NDS use WEP, the opportunities for sniffing WEP packets will be limited to those times when someone's accessing the network with an NDS - as opposed to when one of our unwired computers is on (and presumably doing some net activity, either in the foreground or background), which is pretty much all the time. So if someone wanted to break in, they'd need to find out when I play Mario Kart, and do it then. Still quite feasible, but the vast majority of wireless network traffic in the household would not be using WEP, and most of the time there'd just be no WEP traffic to monitor, no WEP packets to request resend of, etc.

    And then, also, there's the maintenance issues of that setup: if I monitor the activity over the WEP from time to time and want to update the key or block out WEP for a while, or do something else to shake off freeloaders - only the NDS would be affected. The laptops and such would go on happily using WPA, which is at least reasonably secure.

    So, again, my question is not "is this setup secure?", it's "is this setup possible?" Or would the separate control of access methods require a separate set of hardware?
  • by Technician ( 215283 ) on Tuesday April 03, 2007 @07:23PM (#18596777)
    No. Even a cursory glance at your laptop next time you are in a commercial parking lot will tell you that (or at an apartment complex).

    No. We use some prety antique hardware (laptop with embedded 11b no WPA). We are fairly remote so the number of potential attackers is pretty slim. To discourage them, DHCP is truned on. The DHCP range is blocked from the gateway by access control. To get a leachable connection, you will need to spoof a MAC address, use a fixed IP address, and hope we are not online at the moment. A conflict will be noticed.

    We don't need a hack proof wireless. We just need to be more difficult than our neighbors.
  • by nutshell42 ( 557890 ) on Tuesday April 03, 2007 @07:25PM (#18596797) Journal
    Well, from a legal POV the plausible deniability an unsecured WLAN offers is quite tempting.

    As long as you secure your computers and data (and if you're not charged by the GB), it's really useful to be able to tell the judge that it was teH h4X0rZz when the RIAA rings at your door.

  • by Rick17JJ ( 744063 ) on Tuesday April 03, 2007 @08:27PM (#18597555)

    For my computers at home, I used the "Perfect Password Generator" that is on the grc.com web page to generate the longest most random possible WPA password. Each time I visit that web page a different a password is generated. I then placed the password on a USB key and transfered the password to both of my computers and the wireless router. I then cut and pasted the password instead of trying to type the huge password. For the extra paranoid, slicing and dicing and mixing up the long password that is generated could also done as an extra precaution, although the password did come from a secure website at a security oriented web page.

    Perfect Passwords [grc.com]

  • by Scoth ( 879800 ) on Tuesday April 03, 2007 @10:14PM (#18598513)
    My problem is I tend to be a wanderer. I might be surfing the web in my computer room, boot up the laptop and go sit on the couch for awhile and surf while watching the news or something, then go into the bedroom and play a few webgames while my fiancee works on homework, then maybe go sit on the back deck in the evening and get a little extra work done. Short of really long cables, or lots of plugging/unplugging, going wired isn't really practical. Of course, I guess that's what WPA and other better wireless security setups are for, although ideally I'd set up my DD-WRT with the wireless on a different segment. I'll get to it sooner or later. I've mostly made do with frequently rotated and never repeated wep keys, although that was going on the assumption of needing to capture tons of packets to crack it. This new thing throws that a bit out of whack...
  • by adolf ( 21054 ) <flodadolf@gmail.com> on Tuesday April 03, 2007 @10:48PM (#18598729) Journal
    No, sir. Nobody would ever suggest that you replace your fleet of $1.5k bar code readers just because someone has finally found WEP to be trivially easy to break. It's your network; open it to the world at your own peril.

    Instead, I offer this suggestion: Stop using the old scanners, and go back to whatever system you were using before you decided that wireless bar code readers were Teh Way to Maximum Synergistic Productivity through Leveraged Asset Management and Total Quality Control. Use that old system for a few weeks.

    After that, reevaluate whether the additional $1.6k for WPA-supporting scanners is in order. If it's still too expensive, you don't need it.

    Hope this helps...

  • by kd5ujz ( 640580 ) <william@raTIGERm-gear.com minus cat> on Wednesday April 04, 2007 @01:03AM (#18599641)
    It is not that hard to do without destroying the sheetrock. If you have existing cable, you can attatch a string to the end, pull it up/down into the ceiling/crawlspace, tape on the new cable in the attic/basement, and pull it back down with the string. If you do not have existing cable, you can use paddle bits and bit extenders to get through any cross studs in the wall, then fiberglass rods to fish down through the cross studs. Sometimes you get lucky and there are not any cross studs.
  • by plover ( 150551 ) * on Wednesday April 04, 2007 @01:29AM (#18599791) Homepage Journal
    A corporation with 10,000 WEP-only devices deployed to 2,000 field locations would love to switch to WPA, but that's not always immediately possible for financial reasons. Let's say that one device costs $2,000 dollars to replace (custom hardware,) and each field location requires the upgrade of perhaps a dozen old access points, each one costing say $500 plus the average installation labor of about $1,000 each. So that's $20 million for device costs, plus another $36 million to secure the access points. I don't care how big your company is, you don't tap $56 million from the budget without some serious planning.

    When a corporation initially buys equipment, they go for whatever is available and makes sense at the time, and they plan for an expected lifetime of the equipment. When those access points were installed, WPA wasn't on the horizon and security wasn't a top issue, and they may have budgeted for an expected lifetime of 15 years. Just as the rollout of all this infrastructure is finishing up, some researcher announces WEP is cracked. Think about the manager who has to go back to the board of directors asking for an extra $56 million to replace all that brand new equipment because the encryption now has the wrong three letters. Even if the board doesn't fire the manager on the spot for being short-sighted, money for the replacement project is not going to come quickly, I tell you that.

    As long as it's not 100% replaced, you're flapping in the breeze. Your only answer is to secure the network behind the access points (a good idea in any case,) secure the device's applications as best as you can, and hold your breath until the money arrives and the old gear is replaced.

    It may be the cost of doing business, but it's still pretty high in some cases.

The next person to mention spaghetti stacks to me is going to have his head knocked off. -- Bill Conrad