Penetration Testing mailing list archives

Re: Re: Wireless Pent-Test

From: "Anish" <anish () myrealbox com>
Date: Thu, 09 Oct 2003 12:51:52 +0100

Hi,
 you are right in a way :-), RC4 does have a weakness ,as in ,if not used rightly it would give out some extra bits of 
information.The first few bytes of RC4 has this problem ,so if discarded this could be remedied.The attack would make 
some one with a curious mind wonder ,the algorithm has been around for long ...the attack that too based on statistical 
anaylsis came to light recently :-).
  The problem with RC4 is further aggrevated in WEP having IV in clear.
regards
anish

RC4 is weak when used multiple times with a fixed >>secret key and with a few
bytes of initialization, which are sent out in >>cleartext. This is exactly
how WEP uses RC4.

The main point I was stressing is that there is >>another problem of the way
in which WEP uses RC4, which is related to poorly >>chosen or "weak" IVs,
leading to disclosure of key bits over time.





---------------------------------------------------------------------------
Tired of constantly searching the web for the latest exploits?
Tired of using 300 different tools to do one job?
Get CORE IMPACT and get some rest.
www.coresecurity.com/promos/sf_ept2
----------------------------------------------------------------------------

Current thread:

Re: Wireless Pent-Test, (continued)
- - Re: Wireless Pent-Test n0g0013 (Oct 07)
- Re: Wireless Pent-Test Michael J. Semaniuk (Oct 06)
  - Re: Wireless Pent-Test goat (Oct 06)
- RE: Wireless Pent-Test Steve De Doncker (Oct 06)
- RE: Wireless Pent-Test Artes, Francisco (Oct 06)
- RE: Wireless Pent-Test Matthew Wagenknecht (Oct 06)
- RE: Wireless Pent-Test MJohnst5 (Oct 06)
- RE: Wireless Pent-Test Keith T. Morgan (Oct 06)
  - Re: Wireless Pent-Test Gregory Spath (Oct 06)
- RE: Wireless Pent-Test Keith T. Morgan (Oct 07)
- Re: Re: Wireless Pent-Test Anish (Oct 09)
- Re: Wireless Pent-Test MARTIN M. Bénoni (Oct 10)