Cafe Latte
  • 1. Cafe Latte with a Free Topping of Cracked WEP - Retrieving WEP Keys From Road-Warriors. Vivek Ramachandran, MD Sohail Ahmad, www.airtightnetworks.net
  • 2. Talk Outline
    • WEP Cracking – a quick primer
    • Debunking the myths of WEP Cracking – Café Latte
    • Café Latte - Attack Background
    • Café Latte – Detailed Analysis
    • Countermeasures against Café Latte
    • Conclusions
    • Q&A
  • 3. Cracks in WEP -- Historic Evolution
    • 2001 - The insecurity of 802.11, Mobicom, July 2001. N. Borisov, I. Goldberg and D. Wagner.
    • 2001 - Weaknesses in the key scheduling algorithm of RC4. S. Fluhrer, I. Mantin, A. Shamir. Aug 2001.
    • 2002 - Using the Fluhrer, Mantin, and Shamir Attack to Break WEP. A. Stubblefield, J. Ioannidis, A. Rubin.
    • 2004 – KoreK improves on the above technique and reduces the complexity of WEP cracking. We now require only around 500,000 packets to break the WEP key.
    • 2005 – Andreas Klein introduces more correlations between the RC4 key stream and the key.
    • 2007 – PTW extend Andreas Klein's technique to further simplify WEP cracking. Now with just around 60,000 – 90,000 packets it is possible to break the WEP key.
    • Is there really a need for a New Attack?
  • 4. Limitations of traditional WEP Cracking
    • The attacker needs to be in the RF vicinity of the WEP network
    • The authorized network should have at least one AP up and running which the Clients can connect to
    [Diagram: Client, AP, Hacker]
  • 5. An example scenario where traditional approaches fail
    • An isolated Client far away from the authorized network
    [Diagram: Hacker, Victim]
    • This Client has a WEP encrypted network “Toorcon” in its PNL
    • Can we crack the WEP key of “Toorcon” using only this Client?
    • Can we have IP layer connectivity with this Client?
    WEP Cracking Fails!! Café Latte Attack to the rescue!
  • 6. What is the Café Latte Attack?
    • We attack the Client to retrieve the WEP key
    • The Client can be absolutely isolated and nowhere near the authorized network
    • There is no need for an authorized network AP
    [Diagram: Hacker, Client, Moon - No AP needed]
  • 7. Before we begin – a quick 101!
  • 8. Attack Background – Windows Wireless Configuration Manager
    • User connects to a WEP protected network “Default” for the first time
    • User enters the WEP key when prompted by the Windows wireless utility
    • “Default” gets added into the preferred network list (PNL) of the configuration manager
  • 9. Attack Background - Conclusions
    • Windows stores the SSID and the WEP key in its Preferred Network List (PNL)
    • Question:
    • Can we retrieve the WEP key from this Client e.g. at a Coffee Shop?
    • Answer:
    • Café Latte Attack
  • 10. Can we crack WEP with just an isolated Client?
    • To crack WEP we need a large number of encrypted data packets
        • 90k for PTW
        • 500k for Korek+FMS
    • It does not matter which device produces these packets – Client or AP
    • Is it possible to make the Client produce data packets without connecting to the authorized network’s AP?
  • 11. Café Latte - How does it work?
    • Client probes for SSID “Default”
    • Hacker sniffs these probes and brings up a Honeypot
    • Client Authenticates and Associates with this Honeypot
    • Fake Authentication and Association works because WEP does not have mutual Authentication
    [Diagram: Client probing for “Default”, Honeypot answering as “Default”]
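The pattern slide 11 describes, a client probing for a PNL SSID and a non-authorized AP answering for it with the Privacy bit set, is what a wireless IDS would look for. The following is an added detection example, not code from the talk or from AirTight: the authorized-AP table, the SSIDs and the frame records are constructed samples.

```python
# Added example (not from the talk): flag APs that answer a client's probe for
# an SSID without being authorized to serve that SSID. All data is constructed.
from collections import defaultdict

# Authorized infrastructure: SSID -> set of BSSIDs allowed to serve it (constructed).
AUTHORIZED = {
    "Toorcon": {"00:11:22:33:44:55"},
}

# Constructed capture summary: (frame type, transmitter address, SSID, privacy).
# 'privacy' mirrors the Privacy bit of the 802.11 capability field (set when
# the AP requires WEP/WPA); it is None for frames that carry no capability field.
FRAMES = [
    ("probe_req",  "aa:bb:cc:00:00:01", "Default", None),   # client probes its PNL
    ("probe_resp", "de:ad:be:ef:00:01", "Default", True),   # unknown AP answers
    ("beacon",     "de:ad:be:ef:00:01", "Default", True),
    ("auth",       "aa:bb:cc:00:00:01", None, None),        # client starts to join
    ("beacon",     "00:11:22:33:44:55", "Toorcon", True),   # legitimate AP
]

def find_rogue_responders(frames, authorized):
    """Return {bssid: {ssids}} for every AP that beacons or answers a probe for
    an SSID it is not on the authorized list for (unknown SSIDs count as rogue)."""
    rogue = defaultdict(set)
    for ftype, addr, ssid, _privacy in frames:
        if ftype in ("probe_resp", "beacon") and ssid:
            if addr not in authorized.get(ssid, set()):
                rogue[addr].add(ssid)
    return dict(rogue)

def honeypot_candidates(frames, authorized):
    """Narrow the rogue list to APs that answered an SSID some client actually
    probed for and that advertise the Privacy bit: the honeypot pattern."""
    probed = {s for t, _, s, _ in frames if t == "probe_req" and s}
    privacy_bssids = {a for t, a, _, p in frames
                      if t in ("probe_resp", "beacon") and p}
    return {b: s & probed
            for b, s in find_rogue_responders(frames, authorized).items()
            if b in privacy_bssids and s & probed}

if __name__ == "__main__":
    for bssid, ssids in honeypot_candidates(FRAMES, AUTHORIZED).items():
        print(f"ALERT: {bssid} answers probes for {sorted(ssids)} without authorization")
```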