http://eprint.iacr.org/2007/120.pdf
Abstract
We demonstrate an active attack on the WEP protocol that is able to
recover a 104-bit WEP key using less than 40.000 frames with a
success probability of 50%. In order to succeed in 95% of all cases,
85.000 packets are needed. The IV of these packets can be randomly
chosen. This is an improvement in the number of required frames by
more than an order of magnitude over the best known key-recovery
attacks for WEP. On a IEEE 802.11g network, the number of frames
required can be obtained by re-injection in less than a minute. The
required computational effort is approximately 2^20 RC4 key setups,
which on current desktop and laptop CPUs in negligible.
- Jon
--
NYCwireless - http://www.nycwireless.net/
Un/Subscribe: http://lists.nycwireless.net/mailman/listinfo/nycwireless/
Archives: http://lists.nycwireless.net/pipermail/nycwireless/
