Information Security News mailing list archives
Using the Fluhrer, Mantin, and Shamir Attack to Break WEP
From: InfoSec News <isn () c4i org>
Date: Wed, 8 Aug 2001 03:40:27 -0500 (CDT)
Forwarded by: William Knowles <wk () c4i org> http://www.cs.rice.edu/~astubble/wep/ AT&T Labs Technical Report TD-4ZCPZZ, August 6, 2001 Authors: Adam Stubblefield John Ioannidis Aviel D. Rubin Abstract: We implemented an attack against WEP, the link-layer security protocol for 802.11 networks. The attack was described in a recent paper by Fluhrer, Mantin, and Shamir. With our implementation, and permission of the network administrator, we were able to recover the 128 bit secret key used in a production network, with a passive attack. The WEP standard uses RC4 IVs improperly, and the attack exploits this design failure. This paper describes the attack, how we implemented it, and some optimizations to make the attack more efficient. We conclude that 802.11 WEP is totally insecure, and we provide some recommendations. Text: PostScript PDF HTML *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Using the Fluhrer, Mantin, and Shamir Attack to Break WEP InfoSec News (Aug 08)