Penetration Testing mailing list archives
RE: WEP attacks based on IV Collisions
From: <pen-test () nym hush com>
Date: Thu, 3 Jun 2004 13:43:39 -0700
Authentication in WEP works quite surprisingly like this: AP sends a challengetext in clear (128 bit), supplicant answers with the same challengetext crypted with the wep key, AP checks correctness of the encryption and authenticates the client.
This is only true if Shared Key Authentication is in use. Vendors saw this as moronic years ago. I'm not sure how many AP's (if any) use Shared Key Authentication as the default, but every AP I've seen has had Open System Authentication as an option (which essentially just skips that step).
Current thread:
- RE: WEP attacks based on IV Collisions Jeremy Junginger (Jun 02)
- Re: WEP attacks based on IV Collisions leonardo (Jun 02)
- <Possible follow-ups>
- RE: WEP attacks based on IV Collisions pen-test (Jun 04)
- RE: WEP attacks based on IV Collisions pen-test (Jun 04)
- Re: WEP attacks based on IV Collisions leonardo (Jun 07)
- Re: WEP attacks based on IV Collisions Andrew A. Vladimirov (Jun 11)
- Re: WEP attacks based on IV Collisions leonardo (Jun 07)