Well I guess if you consider WEP = Worthless right off the bat + it
now takes a minute for what took a few hours to do rehashed :-)
I think you don't have to look further on WPA/2 attacks than cowpatty
and rainbow tables, kinda primitive but still effective ...
http://www.churchofwifi.org/default.asp?PageLink=Project_Display.asp?
PID=95
Maybe a demo of both @ the next meetup?
- Jon
On Apr 5, 2007, at 6:25 PM, Ben R. Serebin wrote:
Hello Jon,
A good re-hash of old news. I'd like to see how attacks are
progressing against WPA and WPA2.
-Ben
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jon
Baer
Sent: Thursday, April 05, 2007 5:17 PM
To: nycwireless@lists.nycwireless.net
Subject: [nycwireless] Breaking WEP in < 60 seconds
http://eprint.iacr.org/2007/120.pdf
Abstract
We demonstrate an active attack on the WEP protocol that is able to
recover a 104-bit WEP key using less than 40.000 frames with a success
probability of 50%. In order to succeed in 95% of all cases, 85.000
packets are needed. The IV of these packets can be randomly chosen.
This
is an improvement in the number of required frames by more than an
order
of magnitude over the best known key-recovery attacks for WEP. On a
IEEE
802.11g network, the number of frames required can be obtained by
re-injection in less than a minute. The required computational
effort is
approximately 2^20 RC4 key setups, which on current desktop and laptop
CPUs in negligible.
- Jon
--
NYCwireless - http://www.nycwireless.net/
Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/
nycwireless/
Archives: http://lists.nycwireless.net/pipermail/nycwireless/
--
NYCwireless - http://www.nycwireless.net/
Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/
Archives: http://lists.nycwireless.net/pipermail/nycwireless/