WEP Dead Again - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

WEP Dead Again

Description:

Sniff traffic. Collect frames with weak IVs. Keep collecting for hours, days, weeks. ... Sniff traffic. Repeatedly replay single frame. Collect frames with unique IVs ... – PowerPoint PPT presentation

Number of Views:59
Avg rating:3.0/5.0
Slides: 15
Provided by: doit5
Category:
Tags: wep | again | dead | sniff

less

Transcript and Presenter's Notes

Title: WEP Dead Again


1
WEPDead Again
2
A Brief History
  • WEP Wired Equivalent Privacy for 802.11
  • Attacks appeared in 2001
  • AirSnort
  • WEPcrack
  • Vendor countermeasures appeared 2002-2004

3
How WEP Works
  • Each frame encrypted
  • Encryption key WEP key IV
  • Source, destination, IV, etc. transmitted in clear

4
The Old Attack
  • Sniff traffic
  • Collect frames with weak IVs
  • Keep collecting for hours, days, weeks. . .
  • Crack WEP key in a few seconds

5
Countermeasures
  • Elimination of weak IVs
  • Per-user keys
  • Frequent key changes

6
The Myth
  • Countermeasures work
  • WEP attacks are impractical

7
The New Attack
  • Sniff traffic
  • Repeatedly replay single frame
  • Collect frames with unique IVs
  • Finish collecting in a few minutes
  • Crack WEP key in a few seconds

8
More Attacks
  • Deauthentication
  • Encrypted frame injection
  • Arbitrary frame decryption

9
Weak Keys
  • Brute force attacks
  • Dictionary attacks

10
Wired Equivalent Privacy
Like placing ethernet ports in your parking lot
11
Recommendations
  • Never use WEP
  • WPA2 or VPN preferred
  • Never use WEP
  • WPA generally acceptable
  • Never use WEP
  • Not even Dynamic WEP

12
WPA vs. WPA2
  • WPA2 802.11i
  • WPA is a kludge
  • Pre-802.11i
  • Compromises made for backward compatibility

13
WPA Weaknesses
  • PSK dictionary attacks
  • 802.11x authentication attacks
  • TKIP's days are numbered
  • Dependence on hardware
  • Layer 2 is still exposed
  • Often WEP compatible

14
Thank You
Michael Ossmann http//ossmann.com/mike/
Write a Comment
User Comments (0)
About PowerShow.com