[REVS] Practical Exploitation of RC4 Weaknesses in WEP Environments

From: support@securiteam.com
Date: 03/04/02 

From: support@securiteam.com
To: list@securiteam.com
Date: Mon,  4 Mar 2002 19:06:28 +0100 (CET)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  Practical Exploitation of RC4 Weaknesses in WEP Environments
------------------------------------------------------------------------

SUMMARY

The following is a quick introduction to a well-written article on the
weakness of RC4 used in WEP environments. The article provides a
background explanation, packet structure, practical attacks (Brute
Forcing, FMS Attack, First Byte attack, RC4 Attacks) and a possible
solution for the mentioned attacks.

DETAILS

Introduction:
This document will give a brief background on 802.11b based WEP weaknesses
and outline a few additional flaws in rc4 that stem off of the concepts
outlined in "Weaknesses in the Key Scheduling Algorithm of RC4" (FMS) and
"Using the Fluhrer, Mantin, and Shamir Attack to Break WEP" (SIR) and
describes specific methods that will allow you to optimize key recovery.
This document is provided as a conceptual supplement to dweputils, a wep
auditing toolset, which is part of the bsd-airtools package provided by
Dachb0den Labs. The basic goal of the article is to provide technical
details on how to effectively implement the FMS attack so that it works
efficiently with both a small amount of IV collection time as well as
cracking and processing time and to provide details on how other pseudo
random generation algorithm (prga) output bytes reveal key information.

ADDITIONAL INFORMATION

The complete document can be found at:
 <http://www.dachb0den.com/projects/bsd-airtools/wepexp.txt>
http://www.dachb0den.com/projects/bsd-airtools/wepexp.txt

The information has been provided by <mailto:h1kari@dachb0den.com> David
Hulton.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Relevant Pages

  • Re: Is RC4 a good choice?
    ... do you mean the concatenation of the master key K and the IV? ... >got WEP in trouble. ... with RC4 is what gives cause for concern and allows the attack. ... And this brilliant attack used the above factors to do damage. ...
    (sci.crypt)
  • Re: More on RC4/n
    ... > the computer power needed for a successful attack at various bit ... All works i read seem to point to it, higher /n RC4 are harder to ... crack in any of the various ways tried, ... but possibly cross feeding streams should be harder to analyze, imho, ...
    (sci.crypt)
  • Practical Exploitation of RC4 Weaknesses in WEP Environments
    ... Practical Exploitation of RC4 Weaknesses in WEP Environments ... details on how to effectively implement the FMS attack so that it works ...
    (Bugtraq)
  • Re: In 802.11 WEP, why is the IV transmitted plaintext?
    ... >part of THE WEP crack. ... >renowned paper on just such an attack. ... defend against the FMS attack. ... these new protocols, you could take a look at the current issue of the ...
    (sci.crypt)
  • Practical Exploitation of RC4 Weaknesses in WEP Environments
    ... Practical Exploitation of RC4 Weaknesses in WEP Environments ... details on how to effectively implement the FMS attack so that it works ...
    (Vuln-Dev)