Video Screencast Help
Security Response

Another WEP bytes the dust

Created: 26 Sep 2007 07:00:00 GMT • Updated: 23 Jan 2014 18:46:05 GMT
M.K. Low's picture
0 0 Votes
Login to vote

Recently, I came across a publication by Tews, Weinmann and Pyshkinthat describes an attack, called aircrack-twp, which can recover a104-bit WEP key in less than 60 seconds. WEP (Wired Equivalent Privacy)is a protocol used for securing wireless LANs (WLANs) that use the RC4stream cipher to encrypt transmitted packets under a common key.

The RC4 stream cipher is at the heart of the WEP protocol and is oneof the most widely used stream ciphers in the world due to itssimplicity and compact software implementation. Packets of informationare encrypted using the following method: A 24-bit initializationvector (IV) is chosen for each packet which is concatenated with thesecret 104-bit RC4 common key to form the 128-bit per packet or sessionkey. The per-packet key is encrypted through the RC4 stream cipher toproduce a pseudo-random keystream. Note that, since each packet has adifferent IV, the RC4 encryption will generate a unique keystream fromone long-term common key. Next, a CRC-32 checksum is calculated overthe plaintext to ensure integrity of the text. Finally, the plaintextfollowed by the checksum is exclusive-ORed with the keystream toproduce the ciphertext. The unencrypted IV is sent in the header of theWEP packet.

Aircrack-twp uses the aircrack-ngtoolkit, which is readily available on the Web as a key recovery tool,and takes advantage of the weaknesses between the RC4 generatedkeystream and the common key. This attack is not the first one on WEP,but it does improve on the other, best known attacks, such as the oneby Andreas Klein in2005, by at least one order of magnitude. Aircrack-twp requiressignificantly less captured packets, and consequently less time torecover the common key compared to other known attacks. Only 40,000packets are needed for a 50% probability of success. The packets can becaptured in less than a minute using active techniques such as deauthand ARP re-injection; the computation takes three seconds and 3Mb ofmain computer memory on a Pentium-M 1.7 GHz. For a 95% probability ofsuccess, an attacker needs 85,000 captured packets.

Despite such publicized vulnerabilities of WEP, the encryption protocol is still widely used around the world. According to RSA’s Wireless Security Surveys,only 49% of wireless access point operators in New York City haveupgraded from WEP to more advanced encryption such as WPA (Wi-FiProtected Access). With such efficient and effective attacks on WEP,why are so many people still using it as their wireless encryptionprotocol?

When I asked my friend, Jon, what type of security he used for hisWLAN, he said that someone else had installed his wireless device andhe had no clue. We checked his network and sure enough he was usingWEP. To top it off, he was still using the default settings, i.e.username “admin” with no password. I was interested to see what otherWLANs were within our range. It turns out that Jon was not alone, as wedetected 15 other networks using WEP in his apartment complex. Theworse part was that we detected three that were unsecured. (One wasnamed “The Penthouse”; three guesses where this network is located.)

I can understand why some people think WEP provides enough securityfor their WLAN. Their mindset is that some encryption is better than noencryption at all. Also, networking companies tell consumers that thereis nothing to be concerned about since the average person would notknow how to mount attacks against WEP. On the D-Link technical support Website, they reassure customers in the FAQs that:

“At this point, it takes some serious hacking abilities to bust into a WEP enabled network so home users should not worry.”

It all comes back to being informed and following best practices. I’m not saying that everyone should subscribe to the Computer Crime Research Center’snewsfeeds (though they do have some eye-opening articles). What I amsaying is that you wouldn’t leave your house key under the doormat, sowhy would you use a vulnerable security protocol that amounts tonothing more than a speed hump to a cracker? It is advisable to use amore advanced security protocol such as WPA or WPA2 and change yourpassword regularly. Passwords should be a mix of letters (upper andlowercase) and numbers, and should not consist of words in thedictionary. This five-minute preventative routine could not only saveyou money, but time and effort in the future, and would significantlyimprove the safety of information on your computer.