[9117] in cryptography@c2.net mail archive
[IRR] Using the Fluhrer, Mantin, and Shamir Attack to Break WEP
daemon@ATHENA.MIT.EDU (R. A. Hettinga)
Tue Aug 7 11:54:33 2001
Mime-Version: 1.0
Message-Id: <p05100300b795959bdb53@[10.0.1.2]>
Date: Tue, 7 Aug 2001 08:55:20 -0400
To: Digital Bearer Settlement List <dbs@philodox.com>,
dcsb@ai.mit.edu, cryptography@wasabisystems.com
From: "R. A. Hettinga" <rah@shipwright.com>
Content-Type: text/plain; charset="us-ascii"
--- begin forwarded text
Date: Tue, 7 Aug 2001 08:37:05 -0400
To: undisclosed-recipients:;
From: Monty Solomon <monty@roscom.com>
Subject: [IRR] Using the Fluhrer, Mantin, and Shamir Attack to Break WEP
Sender: tbtf-irregulars-approval@world.std.com
Reply-To: Monty Solomon <monty@roscom.com>
Using the Fluhrer, Mantin, and Shamir Attack to Break WEP
AT&T Labs Technical Report TD-4ZCPZZ
Authors
Adam Stubblefield
John Ioannidis
Aviel D. Rubin
Abstract
We implemented an attack against WEP, the link-layer security
protocol for 802.11 networks. The attack was described in a recent
paper by Fluhrer, Mantin, and Shamir. With our implementation, and
permission of the network administrator, we were able to recover the
secret key used in a production network, with a passive attack. The
WEP standard uses RC4 IVs improperly, and the attack exploits this
design failure. This paper describes the attack, how we implemented
it, and some optimizations to make the attack more efficient. We
conclude that 802.11 WEP is totally insecure, and we provide some
recommendations.
http://www.cs.rice.edu/~astubble/wep/
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
