Friday, April 6, 2007

Cracking WEP in less than 60 seconds

Erik Tews, Andrei Pychkine and Ralf-Philipp Weinmann from the technical university Darmstadt in Germany found even better way to crack WEP. Quoting:


“We were able to extend Klein’s attack and optimize it for usage against WEP. Using our version, it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40 bit keys too with an even higher success probability.


More information and a proof-of-concept tool is available at http://www.cdc.informatik.tu-darmstadt.de/aircrack-ptw/

No comments:

Post a Comment