On Apr 4, 2007, at 03:38 , Dave Korn wrote:
On 04 April 2007 00:44, Perry E. Metzger wrote:
Not that WEP has been considered remotely secure for some time, but
the best crack is now down to 40,000 packets for a 50% chance of
cracking the key.
http://www.cdc.informatik.tu-darmstadt.de/aircrack-ptw/
Sorry, is that actually better than "The final nail in WEP's
coffin", which
IIUIC can get the entire keystream (who needs the key?) in log2
(nbytes) packet
exchanges (to oversimplify a bit, but about right order-of-magnitude)?
Hi Dave,
this of course is a question of how you value an attack: a key
recovery usually is worth more than a decryption oracle.
To send arbitrary packets with the fragmentation attacks described in
[1, Section 2.6], you need just a single (suitable) data packet.
However, in order to decrypt packets, you need either 2 (connectivity
to other networks that you have a host on that you can control, e.g
the internet) or approx. 2^7 packets (no access to outside hosts)
_per byte_ that you want to decrypt. Our method surely pays of if you
want to decrypt more than a handful of packets.
Cheers,
Ralf
[1] Andrea Bittau, Mark Handley, Joshua Lackey
The Final Nail in WEP’s Coffin
IEEE Symposium on Security and Privacy 2006,
http://doi.ieeecomputersociety.org/10.1109/SP.2006.40
-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]