FreeBSD Security Advisory FreeBSD-SA-03:09.signal
Brad Knowles
brad.knowles at skynet.be
Wed Aug 13 02:52:01 PDT 2003
At 10:31 AM +0100 2003/08/13, Paul Robinson wrote:
> Great, so I send you 10Mb of WEP traffic caught off the air, you
> can decrypt it for me? You see, to me it's just a big mess of
> encrypted traffic, but you obviously have some secret technique
> (or should that be "t3kni|<" ?) for breaking it trivially. If
> you can't, you've just shown it has some security advantage. Which
> it has.
Given the weak 24-bit IV that is common to both 64-bit and
128-bit WEP, and the way this IV is frequently used, it should be
pretty easy to crack. Just a few hours near a busy wireless access
point is usually more than enough.
If you really do have 10MB of WEP traffic, odds are that's got
enough information to be useful.
--
Brad Knowles, <brad.knowles at skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
More information about the freebsd-chat
mailing list