On 22 Feb 2002, Derek Atkins wrote:

> Bob Keyes <bob at sinister.com> writes:
>
> > A few words on WEP:
> >
> > YES, it has been broken. However, I still think it provides a modicum of
> > security that makes it worth having. The trick is not to be lulled into a
>
> Ok, I'll bite. What "modicum of security" do you believe a broken
> WEP provides?
>
> -derek
>
> --
> Derek Atkins
> Computer and Internet Security Consultant
> derek at ihtfp.com www.ihtfp.com

Cracking WEP requires a large sample of packets encrypted with the same WEP key. Of the 16.7 million possible keys, approximately 3000 are considered cryptographically 'weak' (for 128 bit WEP). An attacker needs about 2000 of these types of packets (often termed 'interesting') to crack the WEP key. I saw a figure that an average AP's usage level would generate enough interesting packets, statistically, after at the most 16 days. However, this may not be a great statistic, as one of the original texts on the WEP problems (http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html) shows that a very busy network could generate enough interesting packets in 5 hours.

Airsnort and WEPCrack supposedly can crack WEP within 1 second after capturing as little as 100 MB of data. However, in real life the amount of data required seems to be considerably more, closer to the 1 GB theoretical maximum than the optimal 100 MB. Typically, this is 700 MB or so.

In any case, the amount of time and resources required for the attacker to 'crack' WEP is enough to make it worth using, if you don't count the support overhead in an IT organization due to the setting and periodic changing of WEP keys.

The question you have to ask yourself is whether the extra protection afforded by 128 bit WEP over 40 bit WEP is worth the extra money. A paper by Fluhrer, Mantin, and Shamir "Weakness in the Key Scheduling Algorithm of RC4", because the difficulty in cracking the higher level of crypto is linear, not exponential as was originally thought.

The Prism2 based cards (Linksys, Zoom, SMC, etc.) all have 128 bit WEP. However, I have heard that throughput with some of these Prism2 devices drops considerably when WEP is used. The higher performance cards such as the Orinoco/Avaya and Cisco/Aironet have 128 bit WEP available only on the premium model cards, but I have no knowledge of performance degradation with WEP on these.

All of this information is available on the net. I have simply summarized it here for the education of the lazy.

-bob
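
Added example, not part of the original post: the post's figures (about 3000 weak values out of 16.7 million for 128 bit WEP, about 2000 weak packets needed) can be checked by counting the weak IV class from the Fluhrer, Mantin and Shamir paper and turning the result into a key-rotation budget. The (B+3, 0xFF, X) IV form, the big-endian IV counter, the uniform-IV assumption and the 500 frames/s rate are assumptions of this example, not values from the post.

```python
# Added example (not from the original post): weak-IV counting for WEP.
IV_SPACE = 2 ** 24      # 24-bit IV: about 16.7 million values
WEAK_NEEDED = 2000      # weak-IV packet count quoted in the post

def is_fms_weak_iv(iv: bytes, key_len: int) -> bool:
    """True for IVs of the form (B+3, 0xFF, X), B = index of a secret key byte.
    Only this IV class from the FMS paper is covered here."""
    if len(iv) != 3:
        raise ValueError("a WEP IV is exactly 3 bytes")
    return iv[1] == 0xFF and 3 <= iv[0] < 3 + key_len

def count_weak_ivs(key_len: int) -> int:
    """Walk the first two IV bytes; the third byte X is free (256 values each)."""
    return sum(256
               for b0 in range(256) for b1 in range(256)
               if is_fms_weak_iv(bytes((b0, b1, 0)), key_len))

def frames_until_exposed(key_len: int, weak_needed: int = WEAK_NEEDED) -> int:
    """Expected frames sent under one key before weak_needed weak-IV frames
    are on the air. Assumption: IVs are spread uniformly over the IV space."""
    weak = count_weak_ivs(key_len)
    return -(-weak_needed * IV_SPACE // weak)   # integer ceiling division

def rotation_interval_hours(key_len: int, frames_per_sec: float) -> float:
    """Key lifetime budget (hours) at a given average frame rate."""
    return frames_until_exposed(key_len) / frames_per_sec / 3600

def next_safe_iv(counter: int, key_len: int) -> tuple[bytes, int]:
    """IV allocator that skips the weak class. Assumption: the sender uses a
    big-endian 24-bit counter. Returns (iv, next_counter)."""
    while True:
        iv = (counter % IV_SPACE).to_bytes(3, "big")
        counter += 1
        if not is_fms_weak_iv(iv, key_len):
            return iv, counter

if __name__ == "__main__":
    key_len = 13        # secret bytes in "128 bit" WEP (104-bit key + 24-bit IV)
    print("weak IVs:", count_weak_ivs(key_len))
    print("frames before exposure:", frames_until_exposed(key_len))
    # 500 frames/s is a constructed traffic level, not a measurement.
    print("rotate within %.1f h" % rotation_interval_hours(key_len, 500))
    print("next IV after 03:ff:00 ->", next_safe_iv(0x03FF00, key_len)[0].hex(":"))
```

For 13 secret key bytes the count comes out at 3328, in line with the post's "approximately 3000".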