News

Cracking WiFi security: "How we did it to WEP" - complete with instruction kit

by Staff Writer | posted on 15 May 2007

Last month, three researchers, Erik Tews, Andrei Pychkine and Ralf-Philipp Weinmann developed an exploit. They showed that they could get the security code that protects WiFi access points using Wired Equivalency Privacy in less than two minutes.

The original story gave the basic outline faster attack (based on a cryptanalysis of RC4 by Andreas Klein), that works with ARP packets and just needs 85,000 packets to crack the key with a 95 per cent probablity. This means getting the key in less than two minutes.

Now Federico Biancuzzi has done an interview with the three researchers. All three are studying at Darmstadt University of Technology, Germany. Tews, 24, is a Bachelor student; Pyshkin, 27, and Weinman, 29, are PhD students in Professor Johannes Buchmann's research group.

The story gives just about all the details of how they did it, including a couple of downloads to give you the necessary software.

What's it prove? Well, that nobody uses WEP except BT broadband? If it was a genuine security exploit, publishing the details like this would be a crime... but nobody seems bothered.

Technorati tags:   
general news (wireless) - You can discuss this article on our discussion board.

Related Articles

  • [in Comment]
    WiFi security: a cautionary tale about hex for Halloween[more...]
  • [in News]
    Security crunch for WiFi as standard looms; but will it work?[more...]
  • [in News]
    WiFi Alliance scores pass marks for new security standard[more...]
  • [in News]
    Linksys security for home office - but not WiFi - users[more...]
  • [in News]
    Wireless security - yet another proprietary solution to WEP vulnerability[more...]
  • [in News]
    WiFi web-cam gets harnessed to home security - unless you have a cat[more...]