Cracking WEP now takes less than 1 minute

5th Apr, 2007

It seems like WEP has gone the way of the dodo. According to this paper it is now possible to crack 104-bit WEP in under a minute. Here’s a synopsis.

We were able to extend Klein’s attack and optimize it for usage against WEP. Using our version, it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40 bit keys too with an even higher success probability.

Bottom line, WEP is probably still adequate as a deterrent to casual users, but should not be used to secure wireless networks. Use TKIP (as known as WPA1) and CCMP (also known as WPA2) instead.

July 23, 2007 -- Windows Mobile 6 (2)
July 3, 2007 -- You make it, we’ll break it! (1)
March 23, 2007 -- Security vs Access (0)
February 28, 2007 -- Using Honeypots to learn about HTTP-based attacks (1)
January 7, 2007 -- I hate image spam (0)
November 7, 2003 -- Reverse Proxy Information (0)

Posted by: Owen

Categories:

Site Search Tags:
hacks, security, technology, WEP

Responses

on April 7th, 2007 at 4:14 pm

Scary. I agree though, anything is better than nothing, as doing a quick scan now, I have the choice of 4 open wireless networks.

People are mad!

By: Chris
(11 comments)

on April 8th, 2007 at 7:18 am

Mad ? .. Or just generous ?

By: owen

on April 10th, 2007 at 4:44 am

When I lived in the UK, I left my network unlocked for any neighbours who wanted to use my unlimited ADSL connection.
Now living in Kazakhstan, I only get 700 meg a month.
However, the highest encryption level on my oldest wi-fi device (an iPAQ) is WEP, so I’ve used that in conjunction with whitelisting all of my device’s MAC address on the AP.
I’m aware that MACs can be spoofed, and now it looks like it’ll take any time at all for my encryption to be brute-forced, I’m just hoping the lack of geeks in this country will protect me till I get around to finding a decent CF WiFi card for the PPC :>

By: Chris Merriman
(3 comments)

on April 10th, 2007 at 5:07 am

To tell you the truth, I’m quite happy to live with WEP even knowing it’s limitations. I don’t really have anything top secret to protect, and anyone with the toolz/skillz to crack WEP is probably going to go after more juicy targets than my home network!

By: owen

on April 10th, 2007 at 1:33 pm

Definitely: It’s like those steering locks on your car - they take seconds to defeat, but hopefully persuade the thief to try the next car which hasn’t got one…

By: Chris
(11 comments)

Ugh!!’s Greymatter Honeypot

Cracking WEP now takes less than 1 minute

Related Posts

Responses

Leave a response

Categories

Say Hello

Social Networking

Latest Droppers

Latest Comments

Sponsors

Browse

Links

Linkage

Networking

Subscribe

Stats