Interesting People mailing list archives
IP: New results on WEP (fwd)
From: David Farber <dave () farber net>
Date: Thu, 26 Jul 2001 19:59:09 -0400
To: cryptography () wasabisystems com Subject: New results on WEP (fwd) Date: Wed, 25 Jul 2001 19:13:29 -0400 From: Matt Blaze <mab () research att com> Sender: owner-cryptography () wasabisystems com Adi Shamir and his colleagues have some interesting new results on RC4 with a practical attack against WEP. With Adi's permission, I've made available a (PostScript) copy of a draft of his paper at: http://www.crypto.com/papers/others/rc4_ksaproc.ps (Fortunately, as far as I know WEP isn't used for copy protection, so it's still legal to disseminate and traffic in this kind of information...) - -matt - ------ Forwarded Message Date: Thu, 26 Jul 2001 00:50:03 +0300 From: Shamir Adi <shamir () wisdom weizmann ac il> Organization: Weizmann Institute of Sciense, Faculty of Mathematics To: mab () research att com Subject: New results on WEP Dear Matt, WEP is the security protocol used in the widely deployed IEEE 802.11 wireless LAN's. This protocol received a lot of attention this year, and several groups of researchers have described a number of ways to bypass its security. Attached you will find a new paper which describes a truly practical direct attack on WEP's cryptography. It is an extremely powerful attack which can be applied even when WEP's RC4 stream cipher uses a 2048 bit secret key (its maximal size) and 128 bit IV modifiers (as proposed in WEP2). The attacker can be a completely passive eavesdropper (i.e., he does not have to inject packets, monitor responses, or use accomplices) and thus his existence is essentially undetectable. It is a pure known-ciphertext attack (i.e., the attacker need not know or choose their corresponding plaintexts). After scanning several hundred thousand packets, the attacker can completely recover the secret key and thus decrypt all the ciphertexts. The running time of the attack grows linearly instead of exponentially with the key size, and thus it is negligible even for 2048 bit keys. I'll appreciate your comments and suggestions. Please feel free to forward this email to your colleagues. Sincerely yours, Adi Shamir
For archives see: http://www.interesting-people.org/
Current thread:
- IP: New results on WEP (fwd) David Farber (Jul 26)