Cracking WEP now takes less than 1 minute

It seems like WEP has gone the way of the dodo. According to this paper it is now possible to crack 104-bit WEP in under a minute. Here’s a synopsis.

We were able to extend Klein’s attack and optimize it for usage against WEP. Using our version, it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40 bit keys too with an even higher success probability.

Bottom line, WEP is probably still adequate as a deterrent to casual users, but should not be used to secure wireless networks. Use TKIP (as known as WPA1) and CCMP (also known as WPA2) instead.

7 comments

  1. Scary. I agree though, anything is better than nothing, as doing a quick scan now, I have the choice of 4 open wireless networks.

    People are mad!

  2. When I lived in the UK, I left my network unlocked for any neighbours who wanted to use my unlimited ADSL connection.
    Now living in Kazakhstan, I only get 700 meg a month.
    However, the highest encryption level on my oldest wi-fi device (an iPAQ) is WEP, so I’ve used that in conjunction with whitelisting all of my device’s MAC address on the AP.
    I’m aware that MACs can be spoofed, and now it looks like it’ll take any time at all for my encryption to be brute-forced, I’m just hoping the lack of geeks in this country will protect me till I get around to finding a decent CF WiFi card for the PPC :>

  3. To tell you the truth, I’m quite happy to live with WEP even knowing it’s limitations. I don’t really have anything top secret to protect, and anyone with the toolz/skillz to crack WEP is probably going to go after more juicy targets than my home network!

  4. Definitely: It’s like those steering locks on your car – they take seconds to defeat, but hopefully persuade the thief to try the next car which hasn’t got one…

  5. You do know the people who go round cracking your lazyily decided wep keys are the same people who download child porn on your line and give you a serious headache..

  6. @anon: Well, the last WEP key I cracked was to download my email, so I don’t agree with your generalisation. Do you have any proof to back that up?

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.