News
Cracking WiFi security: "How we did it to WEP" - complete with instruction kit
by Staff Writer | posted on 15 May 2007
Last month, three researchers, Erik Tews, Andrei Pychkine and Ralf-Philipp Weinmann developed an exploit. They showed that they could get the security code that protects WiFi access points using Wired Equivalency Privacy in less than two minutes.
The original story gave the basic outline faster attack (based on a cryptanalysis of RC4 by Andreas Klein), that works with ARP packets and just needs 85,000 packets to crack the key with a 95 per cent probablity. This means getting the key in less than two minutes.
Now Federico Biancuzzi has done an interview with the three researchers. All three are studying at Darmstadt University of Technology, Germany. Tews, 24, is a Bachelor student; Pyshkin, 27, and Weinman, 29, are PhD students in Professor Johannes Buchmann's research group.
The story gives just about all the details of how they did it, including a couple of downloads to give you the necessary software.
What's it prove? Well, that nobody uses WEP except BT broadband? If it was a genuine security exploit, publishing the details like this would be a crime... but nobody seems bothered.
Technorati tags: WEP
general news (wireless) - You can discuss this article on our discussion board.
in News
Mobile roaming reforming: UK Government in Lords house will discuss EU proposals
No, it's not another hoax: there REALLY will be a WiFi Blackberry, says RIM exec
A pint of Draft! - Out goes WiFi ying-yang: in comes a/b/g/n barbershop pole
you're reading:
Cracking WiFi security: "How we did it to WEP" - complete with instruction kit
How to sabotage consumer goods via wireless
Got a fave headset? How to en-Bluetooth it!
Mesh "connecter" links the parts ISPs couldn't reach, says Hong Kong developer