Schneier on Security

A blog covering security and security technology.

« Rare Risk and Overreactions | Main | Airline Security Cartoon »

May 18, 2007

Interview with WEP Attack Researchers

They explain how their attack on the 802.11 wireless security protocol works.

Posted on May 18, 2007 at 7:06 AM • 5 Comments

To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.

Comments

Dan • May 18, 2007 9:21 AM

I've used their aircrack-ptw tool to crack a WEP key, and it is incredibly fast. Used with packet injection anyone using WEP will be wide open in less than 3 minutes. People, use WPA2!

FooDooHackedYou • May 18, 2007 10:14 AM

Interesting. A d00d called Hackar1 did a talk on hacking WEP at shmoocon this year. He also cracked WEP with ease using sniffed packets and FPGAs (specialized circuit boards). He's also hacked WPA and bluetooth.

Paul • May 18, 2007 10:55 PM

He goes by H1kari, and his attacks leveraged the ability to precompute hashes, especially against WPA-Personal (pre-shared keys). Aircrack-ptw is unrelated.

Robert • May 19, 2007 4:39 AM

Check out Andrea Bittau's fragmentation attack. Once you've sniffed a single packet you can transmit arbitrary data (without knowing the wep key) in 8 byte fragments.

(which also lets you generate lots of crackable traffic very easily, if you want to use more standard attacks to find the key)

err0ryt3 • July 9, 2007 10:35 PM

Download the backtrack distro on remote-exploit.org

Post a comment

Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.

Subscribe via Kindle

Blog Menu

Search

Powered by DuckDuckGo

Blog Home Page
100 Latest Comments

Archives by Date

2013 J F M A M
2012 J F M A M J J A S O N D
2011 J F M A M J J A S O N D
2010 J F M A M J J A S O N D
2009 J F M A M J J A S O N D
2008 J F M A M J J A S O N D
2007 J F M A M J J A S O N D
2006 J F M A M J J A S O N D
2005 J F M A M J J A S O N D
2004 J F M A M J J A S O N D