HomeCalendarGalleryFAQSearchMemberlistUsergroupsRegisterLog in
New Topics are on the way...
<body> </body>

Share | 
 

 WEP Keys Are 100% Crackable!!!!!!!!!!!!!!!!!!!!!!!

View previous topic View next topic Go down 
AuthorMessage
Admin
Admin


Posts : 63
Join date : 2009-05-10
Age : 25

PostSubject: WEP Keys Are 100% Crackable!!!!!!!!!!!!!!!!!!!!!!!   Sun May 10, 2009 5:39 pm

Topic No (wn0002)

An exploration of the security weaknesses of the Wired Equivalent Privacy (WEP).

What is WEP?


WEP stands for Wired Equivalent Privacy. The 802.11 designers
intention was to provide wireless users with a level of security
equivalent to that achievable on a wired network. Unfortunately WEP has
turned out to be much less secure than intended.
How does WEP work?


WEP uses secret keys to encrypt data. Both AP and the receiving stations must know the secret keys.
There are two kinds of WEP with keys of either 64bits or 128bits.
The longer key gives a slightly higher level of security (but not as
much as the larger number would imply). In fact the user keys are
40bits and 104bits long, the other 24bits in each case being taken up
by a variable called the Initialization Vector (IV).
When a packet is to be sent it is encrypted using a combination of
the IV and the secret key. The IV is different (in theory) for each
packet, while the secret key is fixed. The resulting packet data looks
like random data and therefore makes the original message unreadable to
an outsider not knowing the key. The receiving station reverses the
encryption process to retrieve the message in clear text.
What’s wrong with WEP?


IV values can be reused


In fact the standard does not specify that the value needs to change
at all. Reusing keys is a major cryptographic weakness in any security
system.
IV length is too short


24 bit keys allow for around 16.7 million possibilities. Sounds a
lot, but on a busy network this number can be achieved in a few hours.
Reuse is then unavoidable.
Some manufacturers use ’random’ keys. This is not the best way to
ensure against reuse. A better solution is to start with a key and
increment by one for each subsequent key. Unfortunately many devices
revert to the same value at start up and then follow the same sequence
providing lots of duplicate values for hackers to work on.
Weak keys are susceptible to attack


Certain keys value combinations, ’Weak IVs’, do not produce
sufficiently random data for the first few bytes. This is the basis of
the highly publicized attacks on WEP and the reason that keys can be
discovered.
Manufacturers often deliberately disallow Weak IV values. This is
good in that it reduces the chances of a hacker capturing weak keys,
but also has the effect of reducing the already limited key
possibilities further, increasing the chance of reuse of keys.
Master keys are used directly


From a cryptographic point of view using master keys directly is not
at all recommended. Master keys should only be used to generate other
temporary keys. WEP is seriously flawed in this respect.
Key Management and updating is poorly provided for


Administration of WEP keys is not well designed and difficult to do
on large networks. Users tend to change keys very infrequently which
gives a potential hacker lots of time to collect enough packets to
launch an attack.
Message integrity checking is ineffective


WEP does have a message integrity check but hackers can change
messages and recompute a new value to match. This makes the checking
ineffective against tampering.
Conclusion


Although WEP is far from an ideal security solution you should still
use it. Some security is better than none. A determined attacker may be
able to discover your keys given time and enough weak IVs, but that’s
no reason to leave all of your doors open.
Check if your equipment manufacturer has an updated driver that
avoids sending weak IVs. Use 128 bit encryption if your equipment
supports it. Change the key if there is any suspicion of an attack.
Ideally install an Intruder Detection System (IDS) to monitor attacks.
Take these precautions and your wireless network will be reasonably
secure. For stronger security consider using WiFi Protected Access
(WPA).



Average:
Back to top Go down
View user profile http://securedubai.hypeforum.net
gnomewise



Posts : 1
Join date : 2009-07-24

PostSubject: Re: WEP Keys Are 100% Crackable!!!!!!!!!!!!!!!!!!!!!!!   Fri Jul 24, 2009 7:52 pm

yes it's true WEP keys are crackable, Do u know how to crack WPA encryption i am going to try it in a few days if u have any idea about WPA encrypiton then share it. (i use BackTrack for this kind of attack). i also heard that backtrack can also crack WPA but i have no tired yet.
Back to top Go down
View user profile
Admin
Admin


Posts : 63
Join date : 2009-05-10
Age : 25

PostSubject: Re: WEP Keys Are 100% Crackable!!!!!!!!!!!!!!!!!!!!!!!   Sun Oct 18, 2009 11:26 pm

yeah u can crack WPA with backtrack but the attack is a difficult attack n chances of getting the key are very less.Dictionary is used to perform the attack.If any word in dictionary matches with password,u got the key n if it doesnt matches then you have to try again.also it takes a lottt of tym
Back to top Go down
View user profile http://securedubai.hypeforum.net
fdilbar



Posts : 4
Join date : 2010-01-20
Age : 31
Location : Saudi Arabia

PostSubject: Re: WEP Keys Are 100% Crackable!!!!!!!!!!!!!!!!!!!!!!!   Wed Jan 20, 2010 8:56 pm

Admin wrote:
yeah u can crack WPA with backtrack but the attack is a difficult attack n chances of getting the key are very less.Dictionary is used to perform the attack.If any word in dictionary matches with password,u got the key n if it doesnt matches then you have to try again.also it takes a lottt of tym

Some Japanese security geeks had already broke WPA encryption and it takes them less than 1 minute to break-in, the way they are using these tools are not discussed but research is going, it was said; ".Researchers from Kobe University in Japan are claiming they can best that by a wide margin by cracking any WPA-protected connection using the TKIP algorithm within just one minute flat."
Back to top Go down
View user profile http://www.fdilbar.com
Sami8007



Posts : 13
Join date : 2010-03-04

PostSubject: Re: WEP Keys Are 100% Crackable!!!!!!!!!!!!!!!!!!!!!!!   Thu Mar 04, 2010 11:19 am

For cracking WEP: I strongly recommend Backtrack 3.

For WPA: I strongly recommend A steel baseball bat, as you have better chances beating the password out of them then finding it using a dictionary cracker.

.....seriously.
Twisted Evil Twisted Evil Twisted Evil Twisted Evil Twisted Evil
Back to top Go down
View user profile
Sponsored content




PostSubject: Re: WEP Keys Are 100% Crackable!!!!!!!!!!!!!!!!!!!!!!!   

Back to top Go down
 
WEP Keys Are 100% Crackable!!!!!!!!!!!!!!!!!!!!!!!
View previous topic View next topic Back to top 
Page 1 of 1
 Similar topics
-
» 005 - The Keys of Marinus
» New book by Jesus Villalobos "Forgotten Keys of the Kingdom"
» Please ignore - SPAM
» Lister A Shaft/pulley Key
» Forgotten Keys of the Kingdom

Permissions in this forum:You cannot reply to topics in this forum
*.*ShAmOn*.* :: Wireless Networks Protection-
Jump to: