WEP: Cracked in 60 Seconds
April 09, 2007
More than a nail in the coffin, this new attack should be the final layer of dirt on the broken encryption method's grave.
It's no secret that wired equivalent privacy (WEP)
With the right tools and some time, anyone can crack WEP by gathering enough information from the airwaves, which is then used to figure out the pass-phrase protecting the wireless link. The more packets
Researchers at the Darmstadt University of Technology in Darmstadt, Germany have reduced the number yet again, to just 40,000 captured packets. That gave them enough to get a 50% probability of recovering the passkey. 60,000 packets pushed the chance to 80%, and 85,000 made it 95%. They did this with a tool they call aircrack-ptw, and they wrote a paper about it, available here.
That said, companies like AirDefense say that businesses still have a lot invested in legacy WEP-only products, and in some cases -- like retail distribution centers -- it could take millions of dollars to upgrade the equipment. That's why they offer a module for their security software called WEP Cloaking, which sends out extra packets to prevent aircrack-like tools from gathering the data they need. AirDefense says it plans to stay ahead of new WEP cracking efforts, and claims it is already successful in beating this new under-60-second crack.