Security Bullet In
Communiques from the security front, sir
Wednesday 4 April 2007, 1:33 PM
WEP comprehensibly slated
It turns out that WEP is even more useless than people previously thought -- according to a paper by researchers at Darmstadt technical university.
The protocol for securing wireless LANs has been cracked again. Building on previous work into cracking WEP encryption, researchers Erik Tews, Ralf-Philipp Weinmann and Andrei Pyshkin have discovered a method for cracking WEP within three seconds, using a laptop.
"It is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40 bit keys too with an even higher success probability," said the Technische Universitat Darmstadt site.
Previous
