The final nail in WEP's coffin
- 1 January 2006
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- Vol. 2259 (10816011) , 15 pp.-400
- https://doi.org/10.1109/sp.2006.40
Abstract
The 802.11 encryption standard Wired Equivalent Privacy (WEP) is still widely used today despite the numerous discussions on its insecurity. In this paper, we present a novel vulnerability which allows an attacker to send arbitrary data on a WEP network after having eavesdropped a single data packet. Furthermore, we present techniques for real-time decryption of data packets, which may be used under common circumstances. Vendor produced mitigation techniques which cause frequent WEP re-keying prevent traditional attacks, whereas our attack remains effective even in such scenarios. We implemented a fully automatic version of this attack which demonstrates its practicality and feasibility in real networks. As even rapidly re-keyed networks can be quickly compromised, we believe WEP must now be abandoned rather than patched yet againKeywords
This publication has 2 references indexed in Scilit:
- Weaknesses in the Key Scheduling Algorithm of RC4Published by Springer Nature ,2001
- Intercepting mobile communicationsPublished by Association for Computing Machinery (ACM) ,2001