Re: 128 WEP Vulnerabilities

Fri, 23 Feb 2001 08:40:47 -0800 

Nabil,

There was discussion of this on Slashdot a while back...

The informative link is at http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html

The Slashdot discussion links are at:
http://slashdot.org/yro/01/02/06/159208.shtml
and
http://slashdot.org/article.pl?sid=01/02/15/1745204&mode=nested

Here's the jist of the vulnerability:

---Excerpt---

Executive Summary
We have discovered a number of flaws in the WEP algorithm, which seriously
undermine the security claims of the system. In particular, we found the
following types of attacks:

- Passive attacks to decrypt traffic based on statistical analysis.

- Active attack to inject new traffic from unauthorized mobile stations, based
on known plaintext.

- Active attacks to decrypt traffic, based on tricking the access point.

- Dictionary-building attack that, after analysis of about a day's worth of
traffic, allows real-time automated decryption of all traffic.

Our analysis suggests that all of these attacks are practical to mount using
only inexpensive off-the-shelf equipment. We recommend that anyone using an
802.11 wireless network not rely on WEP for security, and employ other security
measures to protect their wireless network.

Note that our attacks apply to both 40-bit and the so-called 128-bit versions of
WEP equally well. They also apply to networks that use 802.11b standard (802.11b
is an extension to 802.11 to support higher data rates; it leaves the WEP
algorithm unchanged).

---End Excerpt---

Hope this helps...

Alan~

----- Original Message -----
From: "Nabil Fares" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, February 23, 2001 10:58 AM
Subject: 128 WEP Vulnerabilities


> Greeting all,
>
> Are you guys aware of any issues/vulnerabilities with the WEP protocol.  Any
> feedback greatly appreciated.
>
> Nabil
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>

_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to