Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Introduction
Talk overview
Motivation
WEP keying
A WEP Cracker
Results
Related Work
©2001 @STAKE, INC.
WEP Encryption
CRC
802.11 Frame
Header Payload Payload ICV
32
WEP Encryption
4 x 40
Key 1
Key 2
Keynumber Key
Key 3
40
Key 4
WEP Encryption
IV keynumber
24 8
WEP Encryption
64
IV Key
WEP Encryption
WEP Frame
Header IV keynumber Payload ICV
WEP Decryption
4 x 40
Key 1
Key 2
Keynumber Key
Key 3
40
Key 4
WEP Decryption
64
IV Key
WEP Decryption
Payload ICV
CRC ICV’
32
Header Payload
WEP Authentication
Authentication is optional
©2001 @STAKE, INC.
128-bit Variant
24 104 128-bits
IV Key
WEP Keying
34 f8 a9 27
M y P ee 61 7b f7
a s s p ab a3 35 59
h r a s 40 iterations
seed PRNG 12 e7 a3 98
e
62 c3 f3 7f
6a 8e a3 59
32 bits
...
Generates four 40-bit keys
M y P
a s s p
h r a s
e
32 bits
34 f8 a9 27
40 iterations
PRNG ee 61 7b f7
ab a3 35 59
...
– For each 32-bit output, only bits 16 through 23 are used
Bit 0 has a cycle length of 2^1, Bit 3 has a cycle length of 2^4, etc..
128-bit Generator
104 bits
My PassphraseMy Pass… MD5 032f6d8e8392… …8df926a
64 bits 64 bits
Guess Generator
Key verifier
©2001 @STAKE, INC.
Packet Collector
Making Guesses
Dictionary attack
– Read wordlist from file
Key Verification
Data packets
– Verify that decrypted packets are well-formed
ICV Verification
Decrypt payload+ICV
Results
Implications
Bill Arbaugh et al
– WEP authentication can be performed without knowing the key
tnewsham@stake.com
Questions?