![]() ![]() Tim Newsham introduced wep_crack, a tool that can crack these passphrase-based passwords. Unfortunately, this algorithm reduces the possible WEP keys that can be chosen and opens them up to a dictionary-based attack. To ensure interoperability, there is an unpublished standard for this "key-generation" algorithm. Because of the difficulty of typing in such a long key, manufacturers have developed an alternative method based on a passphrase for configuring 40- or 104-bit WEP keys. However, in small installations, manual WEP keys are the usual choice. Dynamic key distribution methods, such as those included in the Lightweight Extensible Authentication Protocol (LEAP) or the Protected Extensible Authentication Protocol (PEAP), overcome this chore. ![]() So-called strong WEP keys are 104 bits, or 26 hexadecimal digits, which is a chore to type. The most serious of these is the Fluhrer-Mantin-Shamir (FMS) attack, which allows a passive sniffer to recover WEP keys with as little as nine minutes of sniffing. Because of vulnerabilities in the WEP protocol and some implementation mistakes, several attacks have been developed that compromise WEP keys. One of the juiciest targets for an attacker targeting a WEP-protected WLAN is recovering the WEP key.
0 Comments
Leave a Reply. |