Conventional efficient key recovery attacks against Wired Equivalent Privacy (WEP) require specific initialization vectors or specific packets. Since it takes much time to collect the packets sufficiently, any active attack should be performed. An Intrusion Detection System (IDS), however, will be able to prevent the attack. Since the attack logs are stored at the servers, it is possible to prevent such an attack. This paper proposes an algorithm for recovering a 104-bit WEP key from any IP packets in a realistic environment. This attack needs about 36,500 packets with a success probability 0.5, and the complexity of our attack is equivalent to about 2^20 computations of the RC4 key setups. Since our attack is passive, it is difficult for both WEP users and administrators to detect our attack.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Ryoichi TERAMURA, Yasuo ASAKURA, Toshihiro OHIGASHI, Hidenori KUWAKADO, Masakatu MORII, "Fast WEP-Key Recovery Attack Using Only Encrypted IP Packets" in IEICE TRANSACTIONS on Fundamentals,
vol. E93-A, no. 1, pp. 164-171, January 2010, doi: 10.1587/transfun.E93.A.164.
Abstract: Conventional efficient key recovery attacks against Wired Equivalent Privacy (WEP) require specific initialization vectors or specific packets. Since it takes much time to collect the packets sufficiently, any active attack should be performed. An Intrusion Detection System (IDS), however, will be able to prevent the attack. Since the attack logs are stored at the servers, it is possible to prevent such an attack. This paper proposes an algorithm for recovering a 104-bit WEP key from any IP packets in a realistic environment. This attack needs about 36,500 packets with a success probability 0.5, and the complexity of our attack is equivalent to about 2^20 computations of the RC4 key setups. Since our attack is passive, it is difficult for both WEP users and administrators to detect our attack.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E93.A.164/_p
@ARTICLE{e93-a_1_164,
author={Ryoichi TERAMURA and Yasuo ASAKURA and Toshihiro OHIGASHI and Hidenori KUWAKADO and Masakatu MORII},
journal={IEICE TRANSACTIONS on Fundamentals},
title={Fast WEP-Key Recovery Attack Using Only Encrypted IP Packets},
year={2010},
volume={E93-A},
number={1},
pages={164-171},
abstract={Conventional efficient key recovery attacks against Wired Equivalent Privacy (WEP) require specific initialization vectors or specific packets. Since it takes much time to collect the packets sufficiently, any active attack should be performed. An Intrusion Detection System (IDS), however, will be able to prevent the attack. Since the attack logs are stored at the servers, it is possible to prevent such an attack. This paper proposes an algorithm for recovering a 104-bit WEP key from any IP packets in a realistic environment. This attack needs about 36,500 packets with a success probability 0.5, and the complexity of our attack is equivalent to about $2^{20}$ computations of the RC4 key setups. Since our attack is passive, it is difficult for both WEP users and administrators to detect our attack.},
keywords={},
doi={10.1587/transfun.E93.A.164},
ISSN={1745-1337},
month={January},}
TY - JOUR
TI - Fast WEP-Key Recovery Attack Using Only Encrypted IP Packets
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 164
EP - 171
AU - Ryoichi TERAMURA
AU - Yasuo ASAKURA
AU - Toshihiro OHIGASHI
AU - Hidenori KUWAKADO
AU - Masakatu MORII
PY - 2010
DO - 10.1587/transfun.E93.A.164
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E93-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2010
AB - Conventional efficient key recovery attacks against Wired Equivalent Privacy (WEP) require specific initialization vectors or specific packets. Since it takes much time to collect the packets sufficiently, any active attack should be performed. An Intrusion Detection System (IDS), however, will be able to prevent the attack. Since the attack logs are stored at the servers, it is possible to prevent such an attack. This paper proposes an algorithm for recovering a 104-bit WEP key from any IP packets in a realistic environment. This attack needs about 36,500 packets with a success probability 0.5, and the complexity of our attack is equivalent to about 2^20 computations of the RC4 key setups. Since our attack is passive, it is difficult for both WEP users and administrators to detect our attack.
ER -