WEP Broken Even Worse

kdawson posted more than 7 years ago | from the give-me-a-minute dept.

Security 393

collin.m writes in with news of results out of Darmstadt. Erik Tews and others there have demonstrated how to recover a 104-bit WEP key in under a minute, requiring the capture of fewer than 10% the number of packets the previous best method called for. The paper is here (PDF). Quoting: "We were able to extend Klein's attack and optimize it for usage against WEP. Using our version, it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets... for 85,000 data packets [the success probability is] about 95%... 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz..."

393 comments

Can ARC4 be used properly at all? (5, Interesting)

Myria (562655) | more than 7 years ago | (#18595335)

Can ARC4 be used securely at all? Or are WEP's failings its own fault?

On a somewhat related note, I'm annoyed that wireless encryption was implemented in hardware. Nintendo DS's wireless is worthless to me since the encryption system can't be upgraded.

Re:Can ARC4 be used properly at all? (4, Insightful)

Lehk228 (705449) | more than 7 years ago | (#18595607)

disable wireless security and implement real security, such as a RADIUS login. then set up a firewall rule to allow unauthenticated devices to access nintendo's servers

Re:Can ARC4 be used properly at all? (4, Insightful)

drinkypoo (153816) | more than 7 years ago | (#18595657)

> disable wireless security and implement real security, such as a RADIUS login. then set up a firewall rule to allow unauthenticated devices to access nintendo's servers

Login authentication does not prevent a man in the middle attack of the break-in sort.

You need end to end encryption, including encrypted login and certificate verification with secure exchange made pre-connection to provide security over a wireless link.

Just another reason why if it's not a PDA or a tablet, you should be using a wire. You can get 100' or more of CAT5E for the price of a 802.11G access point, and an 8 port 10/100 FDX switch with port autonegotiation (auto-crossover, too) is about $20. Good jacks will run you $5 per end. Patch cables are a buck and longer cables are just a few bucks.

Re:Can ARC4 be used properly at all? (5, Funny)

qbwiz (87077) | more than 7 years ago | (#18595777)

Dragging 300' of cable throughout and around your house to use your laptop anywhere you want: priceless.

Re:Can ARC4 be used properly at all? (3, Insightful)

zippthorne (748122) | more than 7 years ago | (#18595821)

It's not the wire that's expensive, it's the holes. In fact, those aren't even the expensive bit. It's the properly out-of-the way and invisible that's expensive.

Re:Can ARC4 be used properly at all? (5, Insightful)

Belial6 (794905) | more than 7 years ago | (#18595893)

I agree with you. That is why it really annoys me that in this day and age, builders are still not putting conduit in walls during construction. I understand a 20 year old house not having conduit in the walls. I can even understand a 10 year old house not having conduit, but any house built in the last 5 years should have conduit to every room. We already know that whatever is in the walls today will be inadequate in another 10 years.

Re:Can ARC4 be used properly at all? (1)

drinkypoo (153816) | more than 7 years ago | (#18595895)

> It's not the wire that's expensive, it's the holes. In fact, those aren't even the expensive bit. It's the properly out-of-the way and invisible that's expensive.

Unless you live in an apartment, this is not remotely true. Running your own wires is, well, trivial unless you are physically disabled in some significant way.

If you do live in an apartment, it's much harder because walls have to be ripped apart and put back up, or at the very least to do it gynecologist style you have to put medium-sized holes in the walls and fish cables through (all the work done through holes doncha know.)

Of course, if it's all carpeted, you can typically hide at least one four-pair cat5 just past the edge of the carpet around the edges of rooms. This increases run length, but you're unlikely to have any runs over the length limit for ethernet anyway, in an apartment.

Re:Can ARC4 be used properly at all? (1)

zippthorne (748122) | more than 7 years ago | (#18596057)

If you live in an apartment, it probably doesn't matter that you have wires all over the place. You don't have many rooms, and if you lay things out right, you won't have any wires to trip over.

OTOH, if you live in a house, you don't want ugly blue, gray, whatever wires all over the place uglying up your home and creating trip hazards. Especially if you have more than one floor. No matter what you do, if you're going through walls, it's going to take more than an hour to get what you want. Even if you work at McDonald's, the value of your time exceeds the copper by a significant margin.

Re:Can ARC4 be used properly at all? (1)

drinkypoo (153816) | more than 7 years ago | (#18596155)

> If you live in an apartment, it probably doesn't matter that you have wires all over the place. You don't have many rooms, and if you lay things out right, you won't have any wires to trip over.

Well, I agree with this argument.

> OTOH, if you live in a house, you don't want ugly blue, gray, whatever wires all over the place uglying up your home and creating trip hazards.

So part of your argument is that uglying up your apartment is okay? Because the wires don't become invisible in an apartment.

> No matter what you do, if you're going through walls, it's going to take more than an hour to get what you want.

And if I have to deal with a bunch of security bullshit, then it's going to take more than an hour to get what I want. I'm still looking for a salient point.

> Even if you work at McDonald's, the value of your time exceeds the copper by a significant margin.

And what is the time I spend dealing with wireless security worth? Is that time somehow not worth anything? Is it only an intellectual exercise instead of work because I don't have to climb a ladder? Personally I feel just the opposite. If I have to use my brain in a way that doesn't involve fun in my off time, that's called work. Whereas a little physical labor is just nothing, mostly because I sit on my ass for a living. (Well, I tap keys and twiddle the mouse, too.)

Now if someone simply wants to argue that they're too much of a potzer to work a fish tape (a tape measure works in most home situations, BTW) then I can accept that. Or again, if they're disabled and can't do the work, I can understand. If you'd just rather do the intellectual work and call it play, that's fine. But it takes effort for both situations and at the end of the day only one can be snooped trivially from outside your house if you get it wrong.

Re:Can ARC4 be used properly at all? (5, Insightful)

valkraider (611225) | more than 7 years ago | (#18596125)

> Unless you live in an apartment, this is not remotely true. Running your own wires is, well, trivial unless you are physically disabled in some significant way.

Uhmm, methinks you have not actually done this much... Or at least not in many houses.

Things like lath&plaster, plumbing, strange placement of studs, lack of crawlspaces, windows, carpet, laminates, tile, doors, fireplaces, and foundations - all sorts of stuff really makes it not, well, trivial.

Re:Can ARC4 be used properly at all? (4, Funny)

spun (1352) | more than 7 years ago | (#18596395)

Thank you! It's not as trivial as the GP makes it sound at all. I had a buddy who drilled through a wall and straight into the mains once. Yeah, that's it, a buddy of mine. Not me. Really, I'd never be that dumb.

Re:Can ARC4 be used properly at all? (1)

SkyDude (919251) | more than 7 years ago | (#18596551)

> Things like lath&plaster, plumbing, strange placement of studs, lack of crawlspaces, windows, carpet, laminates, tile, doors, fireplaces, and foundations - all sorts of stuff really makes it not, well, trivial.

Not to mention that too many home owners are tool challenged.

Re:Can ARC4 be used properly at all? (1)

Talgrath (1061686) | more than 7 years ago | (#18596025)

Bull. I set up my entire house with jacks, there's one in my living room, one in my room, one in my kitchen, one in each of my kids' rooms (three total) and one in the computer room; while I wouldn't say the wires are invisible, you do need to pay attention to see them. Total cost: about $50, plus a few hours of my time. It's honestly not that hard to do either, all you're doing is running wires; of course, you do need to have some knowledge about what the hell you're doing.

Personally, I won't do anything that I want to be secure on a wireless network; they're way too easy to break into and that's my advice to anyone working on a wireless network.

Securing a wireless router and using the NDS... (1)

MS-06FZ (832329) | more than 7 years ago | (#18596047)

> disable wireless security and implement real security, such as a RADIUS login. then set up a firewall rule to allow unauthenticated devices to access nintendo's servers

Not too shabby. Question for ya, though: Does all the traffic for those NDS games go through the Nintendo servers, or is it routed straight to the other players? Sending packets directly player<->player would be faster but it would also make it harder to deal with NAT and firewalls, I suppose...

And can you actually make a wireless router accept both secured and unsecured connections (or WPA and WEP connections) at the same time? So, for instance, the laptops of the house would all use WPA and the NDS would use WEP?

Re:Securing a wireless router and using the NDS... (1)

weg (196564) | more than 7 years ago | (#18596437)

> So, for instance, the laptops of the house would all use WPA and the NDS would use WEP?

That wouldn't really increase the overall security of the network. If somebody wanted to break in, he'd just crack the WEP encryption..

Re:Can ARC4 be used properly at all? (1)

e_tews (1083769) | more than 7 years ago | (#18595611)

It is a little bit WEP's fault. I think RC4 can still securely be used. For example in TKIP or in SSL/TLS the RC4 key generation differs from the algorithm WEP uses, and can still be seen as secure.

Re:Can ARC4 be used properly at all? (5, Informative)

stinerman (812158) | more than 7 years ago | (#18595671)

The problems with WEP have nothing to do with RC4. The problem is that the initialization vectors end up being reused because they are only 24 bits. Reusing IVs is a major no-no when dealing with a stream cipher. And to compound that, the implementation allows for a 50% chance to use the same IV after only 5000 packets. (see wikipedia)

RC4 is still just as secure as it was before these WEP attacks.
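
The IV-reuse point raised in the comment above, as an added example that is not part of the original thread: it computes how quickly a randomly chosen 24-bit IV repeats, and shows that two packets sent under the same IV share one RC4 keystream, so the XOR of their ciphertexts equals the XOR of their plaintexts. The key, IVs and packet contents are constructed sample values, random IV selection is an assumption, and WEP's CRC-32 integrity value is left out.

```python
import math

IV_BITS = 24  # WEP initialization vector length in bits


def collision_probability(packets: int, iv_bits: int = IV_BITS) -> float:
    """Probability that at least two of `packets` uniformly random IVs match."""
    space = 2 ** iv_bits
    if packets > space:
        return 1.0
    # P(no repeat) = prod_{i=0}^{n-1} (1 - i/space), summed in log space.
    log_no_repeat = sum(math.log1p(-i / space) for i in range(packets))
    return 1.0 - math.exp(log_no_repeat)


def packets_for_probability(target: float, iv_bits: int = IV_BITS) -> int:
    """Smallest packet count whose IV-repeat probability reaches `target`."""
    space = 2 ** iv_bits
    log_no_repeat = 0.0
    n = 1  # a single packet cannot collide with anything
    while 1.0 - math.exp(log_no_repeat) < target:
        log_no_repeat += math.log1p(-n / space)
        n += 1
    return n


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling followed by `length` bytes of output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(iv: bytes, root_key: bytes, plaintext: bytes) -> bytes:
    """WEP-style encryption: the per-packet RC4 key is IV || root key.

    The IV travels in the clear with each frame; the ICV is omitted here.
    """
    return xor_bytes(plaintext, rc4_keystream(iv + root_key, len(plaintext)))


def reuse_demo() -> dict:
    """Compare two packets under a repeated IV with one under a fresh IV."""
    root_key = bytes(range(1, 14))       # constructed 104-bit key
    iv_a, iv_b = b"\x00\x00\x01", b"\x00\x00\x02"  # constructed IVs
    p1 = b"constructed packet one"
    p2 = b"constructed packet two"
    c1 = wep_encrypt(iv_a, root_key, p1)
    c2_same_iv = wep_encrypt(iv_a, root_key, p2)
    c2_fresh_iv = wep_encrypt(iv_b, root_key, p2)
    plain_xor = xor_bytes(p1, p2)
    return {
        # Same IV: the keystream cancels and the key never enters into it.
        "same_iv_leaks_xor": xor_bytes(c1, c2_same_iv) == plain_xor,
        # Fresh IV: the two keystreams differ, so nothing cancels.
        "fresh_iv_leaks_xor": xor_bytes(c1, c2_fresh_iv) == plain_xor,
    }


if __name__ == "__main__":
    print("packets for a 50% IV repeat:", packets_for_probability(0.5))
    print("repeat probability at 5000 packets:",
          round(collision_probability(5000), 3))
    print(reuse_demo())
```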

Re:Can ARC4 be used properly at all? (0)

Anonymous Coward | more than 7 years ago | (#18595997)

This seems to match what my understanding is.

Basically, you initialize RC4, and then it generates a nice long stream of encrypted data for you. It's designed for a relatively small number of long streams and keeps the strings from being cracked even if they're quite long.

But WEP takes this algorithm and uses it to make a lot of very small strings (each packet is separate). Since the initialization of the stream is relatively weak (because it doesn't have to be strong in proper usage), it's much easier to crack in this implementation. What they needed to do was A) use an encryption system that was designed for large numbers of small streams, with less spent on keeping the millionth bit of the message from being repeatably cracked and more on keeping the first thousand from being cracked and B) not screw it up even worse.

Re:Can ARC4 be used properly at all? (5, Insightful)

kakos (610660) | more than 7 years ago | (#18596467)

Get a clue. The weakness in WEP has everything to do with a vulnerability in RC4 (specifically this one [drizzle.com] ). The vulnerability is due to the fact that there is a weakness in RC4's key scheduling algorithm that allows an attacker to obtain the whole key from only a very few bits that just happen to be in the first 24-bits of the key. Since the IV does repeat, it is easy to obtain packets with the weak key bits. However, if WEP did not use RC4, that vulnerability wouldn't be there and you couldn't break WEP using that attack.

Re:Can ARC4 be used properly at all? (0)

Anonymous Coward | more than 7 years ago | (#18596575)

I guess that means CipherSaber-1 is still safe with its 80-bit IV.

Re:Can ARC4 be used properly at all? (4, Informative)

linuxmop (37039) | more than 7 years ago | (#18595917)

Wireless encryption is (often) implemented in hardware because encryption is expensive to perform. This is especially true on embedded platforms like the DS.

However, you can apparently upgrade your DS to support WPA with a hacked firmware [geekboy.ca] . It's not clear from the page, but I am fairly sure that it only supports TKIP encryption and not AES since, like WEP, TKIP uses RC4 so does not require a hardware upgrade. It does, however, solve the initialization vector problems of WEP that another poster mentioned; as far as I know, TKIP has not been broken.

Moral? If you're still using WEP, update your drivers and firmware and you may be able to get TKIP WPA and get those pesky neighbors off of your connection.

Nintendo DS can do WPA (apparently) (1)

SonnyJimATC (939056) | more than 7 years ago | (#18596161)

There's someone working on a firmware patch (or some such), but it looks dubious to me and also requires a specific flashcart: http://geekboy.ca/wifi/?cat=2/ [geekboy.ca] Also it's probably possible for DSLinux (http://www.dslinux.org/ [dslinux.org] ) to support WPA and wpa_supplicant has been ported but it requires some more work on the driver before it'll function properly. Trouble is none of the current devs are really au fait with WPA, so any help is gratefully accepted.

Who even still users WEP? (2)

RedElf (249078) | more than 7 years ago | (#18595355)

Hasn't most everyone moved to WPA-PSK by now?

Re:Who even still users WEP? (0)

bobcat7677 (561727) | more than 7 years ago | (#18595399)

To answer your question in a word: "No"

I could give examples but it seems like a waste of keystrokes in this instance.

Still the illusion that it's "safe" (1)

athloi (1075845) | more than 7 years ago | (#18595415)

Code up a windows binary for this exploit, and everyone will move to WPA-PSK much faster!

Re:Who even still users WEP? (4, Insightful)

Knara (9377) | more than 7 years ago | (#18595431)

No. Even a cursory glance at your laptop next time you are in a commercial parking lot will tell you that (or at an apartment complex).

Re:Who even still users WEP? (1)

RedElf (249078) | more than 7 years ago | (#18595843)

I live in an expensive condo complex and haven't seen a WEP network in the premise for a very long time, hence my original post.

Re:Who even still users WEP? (0)

Anonymous Coward | more than 7 years ago | (#18595961)

Why did you throw 'expensive' in there? Trying to brag? It shouldn't have any real bearing on WEP vs WPA.

Re:Who even still users WEP? (1, Insightful)

Eugenia Loli (250395) | more than 7 years ago | (#18595455)

There ARE people out there who are FORCED to use WEP because they use it with older devices that don't support anything else. It would be very expensive replacing all these specific/mobile devices just so they can use a new encryption.

Re:Who even still users WEP? (1)

COMON$ (806135) | more than 7 years ago | (#18595705)

Technically you are never forced. There are wonderful tools that can keep you safe even if you are on a wide open network. OpenVPN comes to mind, or for the less technically minded there are many many many, easy to set up vpn clients out there for free use.

Corporate Greed (5, Informative)

Lead Butthead (321013) | more than 7 years ago | (#18596351)

My understanding is that it should be easy enough to implement WPA on older (.11a/b) hardware, but companies much rather sell end user new hardware (.11g etc.) than spending development time to upgrade old hardware (that does not generate additional revenue.) This is evident in that Apple's old AirPort (.11b) does support WPA but other vendors' (that would include YOU, Linksys) old .11a/b products do not.

Re:Who even still users WEP? (1, Informative)

drinkypoo (153816) | more than 7 years ago | (#18595475)

AFAIK I have precisely zero pieces of 802.11 equipment with WPA support. I have a broadcom PCI 802.11G adapter, it MIGHT have it. NONE of my 802.11b hardware does. The laptop I use, which work owns, does have WPA support, but nothing I have will speak WPA to it anyway. If I need security I use VPN and firewall all other traffic.

Re:Who even still users WEP? (2, Insightful)

jrumney (197329) | more than 7 years ago | (#18595633)

All my pieces of wifi equipment but one support WPA-PSK, but it only takes one piece of equipment to tie me to WEP.

Re:Who even still users WEP? (0, Troll)

StikyPad (445176) | more than 7 years ago | (#18595799)

> Who even still users WEP?

> I have precisely zero pieces of 802.11 equipment with WPA support

So.. your answer is "people who don't upgrade." Not to sound discriminatory, but I'm pretty sure he wasn't including you in the question, much the way when I say "Who doesn't run a firewall?" I'm not including people who still use C64s. Talk to us again when all your hardware supports WPA, but you still use WEP anyway.

Re:Who even still users WEP? (4, Insightful)

drinkypoo (153816) | more than 7 years ago | (#18596055)

> So.. your answer is "people who don't upgrade." Not to sound discriminatory, but I'm pretty sure he wasn't including you in the question, much the way when I say "Who doesn't run a firewall?" I'm not including people who still use C64s. Talk to us again when all your hardware supports WPA, but you still use WEP anyway.

Well, that was an incredibly arrogant response from someone who refuses to examine reality.

How many environments are you familiar with in which everything is always upgraded all at the same time, in which all of the hardware works the first time, and in which you never become dependent on a legacy product for any length of time?

Here in the really real world, we often have reasons to utilize legacy hardware. What if I've got one of those $1500 bar code scanner boxes and it doesn't support WPA and there's no upgrade to provide it? Am I going to spend $1600 for this year's model with two more buttons and WPA support? Or am I going to keep using this device as long as I think I can get away with it? What if I don't have budget to buy a replacement? What if it's not even my decision?

Like I said, here in the real world, we often have to use suboptimal equipment. And I assure you that huge numbers of corporations, including those amongst the fortune whatever, are still using wifi gear with no WPA support on a daily basis.

Re:Who even still users WEP? (1)

valkraider (611225) | more than 7 years ago | (#18596215)

"precisely zero"
I do not think that means what you think it means.
laptop + broadcom 802.11G adapter != precisely zero

Re:Who even still users WEP? (5, Insightful)

ukatoton (999756) | more than 7 years ago | (#18595487)

2 words: Legacy Hardware

I have 2 computers in my house with cards that don't support WPA. If I were to set my router to run with WPA, then my sister would not be able to connect to the network. If I told her the security implications, she wouldn't understand nor care. Upgrading the network would mean me footing the bill for new wireless cards unless I can convince my dad that there is a real reason to upgrade to better security. However, this is unlikely.

Re:Who even still users WEP? (1, Redundant)

Eugenia Loli (250395) | more than 7 years ago | (#18595537)

Exactly. And then there are lots of PDAs and similar devices that don't have upgradable WIFI cards. Unfortunately, WEP won't go away so fast.

Re:Who even still users WEP? (5, Funny)

eclectro (227083) | more than 7 years ago | (#18596531)

> unless I can convince my dad that there is a real reason to upgrade to better security.

Is your sister cute? Does she have pictures of herself on her computer?

Re:Who even still users WEP? (1)

Nom du Keyboard (633989) | more than 7 years ago | (#18595513)

Not those of us still with 802.11b routers that work just fine, already run faster than our cable connection, and give us no reason to pay for every lower-case letter update that comes along. Maybe when 'n' is ratified, certified, and gone through its first couple price drops it will be worth upgrading.

Re:Who even still users WEP? (0)

Anonymous Coward | more than 7 years ago | (#18595655)

> 802.11b routers that work just fine, already run faster than our cable connection

What??!?! Are you still using ARCnet or something?

My god man, if you're using 802.11b because it's faster than a wired connection then you have some serious hardware issues to begin with.

Re:Who even still users WEP? (2, Insightful)

zippthorne (748122) | more than 7 years ago | (#18595867)

It's faster than his Internet connection, which apparently is a cable modem. No need to go significantly faster than the main bottleneck. Especially if the LAN is mostly used to share the WAN anyway.

Re:Who even still users WEP? (1)

Nom du Keyboard (633989) | more than 7 years ago | (#18595889)

> What??!?! Are you still using ARCnet or something?

I'm using a cable connection that the Comcast claims is 6Mbs down, not that I ever see it, and 400Kbs up. 802.11b is a raw 11Mbs max, and with a solid connection I see about half of that. The best actual cable performance I've seen lately (dslreports) is 2522Kbs down, which doesn't tax 802.11b. Why pay for 'g' at 54Mbs maximum when the connection to the rest of the world won't see a bit of that?

Have you figured out now that the only thing I'm using wireless for is connect a computer to my cable connection, which is located in a different place in my house with no wire between them?

Re:Who even still users WEP? (1)

alanoneil (749691) | more than 7 years ago | (#18595909)

"cable" here most likely refers to the internet provider used. That is, even "old" 802.11b hardware at 11mb/s half-duplex can easily saturate a standard home broadband connection at 1.5mb/s. Most home networks aren't for sharing files, but rather "the web" and maybe an odd printer here and there.

Re:Who even still users WEP? (1)

Masami Eiri (617825) | more than 7 years ago | (#18595919)

Last I checked, the fastest available cable internet solution (in the US) is 8 Mbps. 802.11b runs at 11 Mbps. 11 - 8 = 3. The wireless runs 3 Mbps faster.

Re:Who even still users WEP? (1)

wolrahnaes (632574) | more than 7 years ago | (#18596337)

Check more often. I have 10mbit both at my apartment and at my office, on two different ISPs. The ISP serving my apartment will be offering 20mbit come fall. A few cable providers, particularly in FiOS areas, are offering 15+ already.

Re:Who even still users WEP? (1)

pedrop357 (681672) | more than 7 years ago | (#18596579)

I get 10 down/1 up in Las Vegas and I usually see full speed.

The data rate of 802.11b might be 11mbps, but the throughput is most certainly not. With no security, I got around 6.5mbps. Turning WEP or WPA on brought this down into the mid 5s. I've never ever gotten 7 or more mbps throughput with my 802.11b equipment.

For the record, my current access point (Cisco 1242AG) nets me around 26mbps throughput (with 100% quality and strength) on the a/g sides when copying large files across my network.

Re:Who even still users WEP? (1)

313373_bot (766001) | more than 7 years ago | (#18596137)

Maybe the OP meant cable modem connection?

Re:Who even still users WEP? (1)

aschlemm (17571) | more than 7 years ago | (#18595545)

Some of my neighbors use WEP or no encryption at all. In scanning all WIFI networks in range of my laptop from my home, my WIFI network is the only one using WPA-PSK. I'm in the burbs but I've noticed more networks using WPA in urban areas but it's not even close to 100% yet.

Re:Who even still users WEP? (3, Informative)

Southpaw018 (793465) | more than 7 years ago | (#18595619)

Unfortunately, Nintendo has outright refused to support WPA on the DS. Those who use the DS online regularly must either fall back to WPA or resort to completely unsecured communication. Or change their router's settings every single time they want to play online.

Nintendo's response to this is, last I checked, "well, disable WEP and then turn off your computer," which is obviously ridiculous.

Re:Who even still users WEP? (1)

Southpaw018 (793465) | more than 7 years ago | (#18595789)

Wooops. Cut-pasted too fast, switched WPA and WEP around the second time I mentioned them.

Re:Who even still users WEP? (1)

RyuuzakiTetsuya (195424) | more than 7 years ago | (#18595729)

no, my goddamn Nintendo DS doesn't do WPA.

!@*_!@#_!@*#!(_@#!_(@#

I'm half tempted to lock down my wireless and just buy the usb dongle and use my laptop for Nintendo DS Wifi.

Nice try but... (0, Redundant)

MarkByers (770551) | more than 7 years ago | (#18595883)

WPA can also be broken, and unlike WEP, you only need to sniff one packet. Tools to crack a WPA key are freely downloadable.

Re:Nice try but... (1)

AbRASiON (589899) | more than 7 years ago | (#18596397)

Perhaps so but if your password is not a standard dictionary word and exceeds around 12 or more digits, it's pretty much secure for life.

Re:Nice try but... (4, Informative)

wolrahnaes (632574) | more than 7 years ago | (#18596483)

WPA "cracks" are all just brute force, which you could also do with WEP and any other encryption algorithm. It just takes fucking forever (assuming the user chose a key that was more than just a dictionary word). These WEP attacks are actually flaws in the design of the system which allow you to crack a key many times faster than brute force.

Rainbow tables, dictionaries, and the like are all just variations on brute force. They accelerate the process, but either way you're not actually breaking the encryption but instead using a crapload of processor power to try one key after another until you hit the right one.

Saying WPA is insecure because there is a brute force tool for it is like saying a lock is insecure because I could go and start trying combinations. 1-1-1....1-1-2....1-1-3.........

Re:Who even still users WEP? (1)

RalphSleigh (899929) | more than 7 years ago | (#18596071)

Where I am sitting there are 2x WPA (one is mine), 3x WEP and 1 unsecured, so no.

Does it matter? (0)

Anonymous Coward | more than 7 years ago | (#18596141)

WPA-PSK is only slightly more secure than WEP. Best wifi security is to not use it.

Remember, wired is the networking technology of the future.

Re:Who even still users WEP? (2, Informative)

Zadaz (950521) | more than 7 years ago | (#18596173)

I live in downtown San Francisco. If I put my laptop in my kitchen window I can pick up 46 wireless networks.

2 of them are WPA-PSK (including mine)
12 of them are unsecured.
The rest are WEP.

7 of the WEP encrypted ones are the DSL router/wireless access point that AT&T hands out. As far as I can tell this piece of hardware can't be configured in any way, can't even change your WEP key.

Re:Who even still users WEP? (1)

Psych0_Jack (726837) | more than 7 years ago | (#18596449)

So why are you paying for internet again? Or do you just run bittorrent off a different network each day. Actually that's a really good idea for staying anonymous, using a different access point every day.

Re:Who even still users WEP? (1)

SkyDude (919251) | more than 7 years ago | (#18596593)

> Hasn't most everyone moved to WPA-PSK by now?

Slashdot types have, but then again, there are many systems out there that didn't even have WEP turned on. They plugged it in, turned on their PC and that was the last time they had anything to do with wireless networking.

I know because I have used my neighbor's connection. I am such a scumbag........

So what... (1, Interesting)

gatkinso (15975) | more than 7 years ago | (#18595419)

....well, not really.

But many home users run their access point completely open and never have a problem. WEP still will make an attacker have to actually break in - negating their excuses of "well it *was* wide open , so..."

Of course, this vulnerability applies to those who would wish to/need to secure their networks.

Re:So what... (1)

QuantumG (50515) | more than 7 years ago | (#18596581)

Yeah man. I don't know why people don't encrypt their telephone lines, or put alarm systems on their power box. It's their own fault if people use their phoneline to make calls or leech power.

Back in the courtroom (5, Funny)

Nom du Keyboard (633989) | more than 7 years ago | (#18595423)

Your Honor, I was using WEP on my Linksys when the RIAA claimed their agents, Media Sentry, claimed that my IP address was involved in illegal filesharing. I was taking the best precautions my poor little 802.11b router can handle. Allow me to now introduce a paper here explaining how my system can be broken by the average desktop computer in less than a minute.

Case Dismissed!

Re:Back in the courtroom (3, Insightful)

TheGratefulNet (143330) | more than 7 years ago | (#18595683)

it's modded as funny BUT it's a VERY valid defense, I would think (ianal).

there is significant doubt as to who the user of a wireless lan really is.

in fact, it now makes sense to DOWNGRADE wireless AP's due to this...

(and then just run ssh on top of it, for sessions that truly need privacy).

Re:Back in the courtroom (1)

kramulous (977841) | more than 7 years ago | (#18595969)

Agreed .... was modded as funny but makes a valid point ... especially to my non-legal mind.

Re:Back in the courtroom (1)

burris (122191) | more than 7 years ago | (#18596315)

Except in a civil suit the standard of evidence is merely "preponderance of evidence" and not "beyond reasonable doubt."

Re:Back in the courtroom (1)

topical_surfactant (906185) | more than 7 years ago | (#18596557)

WEP use in a heavily populated area plus a "clean" hard disk examined by a forensics expert ought to be enough to tip the scales in favor of the defendant, even in a civil trial. At least I hope, from this non-lawyer point of view.

Re:Back in the courtroom (0)

Anonymous Coward | more than 7 years ago | (#18595953)

Plausible deniability is a good thing.

I've always wondered how I could get plausible deniability and I think I just found it. WEP secured wireless.

Any attorney worth $.02 can show it is not only possible, but probable that the WEP encryption was broken and "others" leeched my internet connection from me. Which, BTW, is just fine by me. Since I live by myself, it would be hard to point the finger elsewhere without wireless in there somewhere.

Re:Back in the courtroom (1)

QuantumG (50515) | more than 7 years ago | (#18596393)

Shame about the file fragments (or whole files) they'll find on your hard drive.. which the court will compel you to produce to a forensic expert. You're better off planting a worm infection on your computer.. then claim you were part of a botnet.

Does this still depend on weak IVs? (3, Interesting)

Zarhan (415465) | more than 7 years ago | (#18595493)

For some reason I can't get the paper to load, but anyway, does this still depend on weak initialization vectors?

I know that the original attack did depend on that, and most software and basestations have since been configured to avoid those weak IVs. I know that some stuff (like Nokia's basestations) is still weak against the original attack (at least when tested with Kismet), however, against Cisco Aironets and almost any newer hardware I haven't been able to see this weakness in action when trying out if it really works...

(Terabeam uses the term "WEPPlus" about this - see http://www.terabeam.com/solutions/whitepapers/wep-plus.php [terabeam.com] )

Anyway, if this is just extension of the original attack, then it still requires those weak IVs to exist.

Or is it something completely new?

Re:Does this still depend on weak IVs? (4, Informative)

tbo (35008) | more than 7 years ago | (#18595649)

For some reason I can't get the paper to load, but anyway, does this still depend on weak initialization vectors?

According to the article, the attack does not require weak IVs. They haven't actually tested against WEPplus, but expect the attack to still work against it. In other words, WEP in all its forms is now nothing more than an electronic "No trespassing sign" and 3-foot fence.

Re:Does this still depend on weak IVs? (1)

ookabooka (731013) | more than 7 years ago | (#18595707)

Does aircrack-ptw work against WEPplus?

This has not been tested due to lack of equipment supporting WEPplus. Since WEPplus only avoids the weak IVs of the original FMS attack, we foresee no problems in applying the attack against WEPplus.

So you probably still aren't secure.

Re:Does this still depend on weak IVs? (1)

e_tews (1083769) | more than 7 years ago | (#18595731)

Hi. This attack is not based on the original WEP attack anymore and doesn't know the concept of weak IVs. I think WEPPlus won't have any noticeable impact on the success rate of the attack. If you managed to load the paper, have a look at the plot of the success rate in the paper. The graph labeled linux iv keylimit 1000000 should be more or less exactly the success rate the attack should have in a WEPPlus environment. This rate doesn't differ much from the optimal rate.

WEP is as WEP does (1)

svvampy (576225) | more than 7 years ago | (#18595501)

Even the acronym is broken. Isn't WEP one of the contributors to the bollocksy promotion of extra bits for security instead of a better model?

What about 64 and 128 bit? (3, Interesting)

andy55 (743992) | more than 7 years ago | (#18595639)

This may be a dumb question, but why does TFA only refer to 40 and 104 bit WEP when the more common variants seem to be 64 and 128 bits?

Re:What about 64 and 128 bit? (4, Informative)

!ramirez (106823) | more than 7 years ago | (#18595677)

Because there's a 24-bit IV, or initialization vector, that is not strictly considered part of the keyspace.

Re:What about 64 and 128 bit? (1)

jrumney (197329) | more than 7 years ago | (#18595721)

I don't know the full details of why, but not all those bits actually get used. I have seen them referred to as "64 bit (40 bit effective)" and "128 bit (104 bit effective) encryption". The hex keys contain 64/128 bits, but the encryption algorithm uses a 40/104 bit key derived from that.

Re:What about 64 and 128 bit? (3, Informative)

Galaga88 (148206) | more than 7 years ago | (#18595739)

Not a stupid question, a good question.

WEP uses a 24 bit initialization vector, and the rest is left for the actual key. So 40 bit = 64 bit - 24 bit IV. Same for 128 = 104. People just use the terms interchangeably (for better or for worse).

Re:What about 64 and 128 bit? (0)

Anonymous Coward | more than 7 years ago | (#18595811)

Because the 64 and 128 bit numbers are after the Initialization Vectors [wikipedia.org] have been added. The actual passwords are 40 and 104 bits respectively.

Re:What about 64 and 128 bit? (1)

StryfeX (1046428) | more than 7 years ago | (#18596171)

Because WEP adds 14 bits to the 40 bit key to get 64 bits, and 24 bits to the 104 bit key to get 128 bits.

I'm sure someone can offer more info, but that's what I remember off the top of my head as I'm leaving work.

--Stryfe
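Added example, not part of any comment in this thread: a minimal WEP encapsulation in Python showing how the per-packet RC4 key is the 24-bit IV followed by the 40- or 104-bit shared secret, and that the IV travels unencrypted in the frame. Function names and sample values are constructed for illustration.

```python
import struct
import zlib

IV_LEN = 3  # 24-bit IV, sent unencrypted at the start of every frame body

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key schedule, then XOR data with the keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def rc4_key(iv: bytes, secret: bytes) -> bytes:
    """Per-packet RC4 key = public IV || shared secret (5 or 13 bytes)."""
    if len(iv) != IV_LEN or len(secret) not in (5, 13):
        raise ValueError("WEP needs a 3-byte IV and a 5- or 13-byte secret")
    return iv + secret

def wep_encapsulate(iv: bytes, secret: bytes, payload: bytes, key_id: int = 0) -> bytes:
    """Frame body: IV (clear) | key-id byte (clear) | RC4(payload || CRC-32 ICV)."""
    icv = struct.pack("<I", zlib.crc32(payload))
    return iv + bytes([key_id << 6]) + rc4(rc4_key(iv, secret), payload + icv)

def wep_decapsulate(secret: bytes, body: bytes) -> bytes:
    """Read the IV from the frame itself, decrypt, and verify the ICV."""
    iv, encrypted = body[:IV_LEN], body[IV_LEN + 1:]
    clear = rc4(rc4_key(iv, secret), encrypted)
    payload, icv = clear[:-4], clear[-4:]
    if struct.pack("<I", zlib.crc32(payload)) != icv:
        raise ValueError("ICV mismatch")
    return payload

def key_sizes(secret: bytes) -> tuple:
    """(marketed bits, secret bits) for a given shared secret."""
    return 8 * len(rc4_key(bytes(IV_LEN), secret)), 8 * len(secret)

if __name__ == "__main__":
    secret = bytes.fromhex("0102030405")  # constructed 40-bit secret
    body = wep_encapsulate(bytes.fromhex("a1b2c3"), secret, b"constructed payload")
    print(key_sizes(secret), body[:3].hex(), wep_decapsulate(secret, body))
```

Because the first three bytes of every frame body are the IV itself, only the remaining 40 or 104 bits of the RC4 key are secret.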

Don't worry about it (1)

WindBourne (631190) | more than 7 years ago | (#18595755)

Just upgrade ALL of your wireless hardware to avoid this. Or you could simply wire up your place and have secure communications at a faster speed and lower price.

Re:Don't worry about it (0)

Anonymous Coward | more than 7 years ago | (#18596069)

Wireless security on my home network doesn't concern me nearly as much as security on the wire coming in from the internet.

My housemate just had $3000 taken from her bank account by thieves courtesy of spyware on her computer. Not much my fancy iptables skills can do about that. Though if she'd asked me to fix up her PC to stop infections in the first place, I'd have done it for a couple of beers.

Re:Don't worry about it (0)

Anonymous Coward | more than 7 years ago | (#18596097)

And the Nintendo DS uses a wired connection how?

Can you point me to the upgrade for the DS that enables WPA?

No problem for me (5, Funny)

NotFamous (827147) | more than 7 years ago | (#18595853)

I use 56-bit WEP and I've never had.... ATTN: YOU HAVE WON THE IRISH LOTTERY PLEASE respons immediately to... ...so I don't see why it is a big deal?

Simple, cheap, easy solution (0, Redundant)

DogDude (805747) | more than 7 years ago | (#18595873)

Cat 5 cable. It's cheaper, faster, more reliable, and more secure.

Re:Simple, cheap, easy solution (2, Insightful)

Gothmolly (148874) | more than 7 years ago | (#18595985)

Wireless is NOT cheaper than cable. A wireless card for my PC was $29. To run wire, crimp the ends, drill through the floor, and install an outlet box would be more than that, just in parts. Scale it up to a few people in the house, and throw in an occasional laptop, and the cost of wiring becomes ridiculous.

Re:Simple, cheap, easy solution (1, Funny)

Anonymous Coward | more than 7 years ago | (#18596031)

just run the cables under rugs like every reasonable person does

btw were you smoking crack when you wrote that post?

Re:Simple, cheap, easy solution (1)

Nom du Keyboard (633989) | more than 7 years ago | (#18596035)

Cat 5 cable. It's cheaper, faster, more reliable, and more secure.

Faster, yes.
More reliable, likely.
More secure, certainly.
Cheaper? ABSOLUTELY NOT! Pulling cables through the walls, and underground to a detached building, was several times the cost of the router and access point, let alone the convenience when other family members bring their laptops and PDAs over.

Today on duh news. (4, Funny)

kinglink (195330) | more than 7 years ago | (#18595925)

WEP insecure! Coming up at 6PM Bill Gates still really really rich.

Breaking News (1)

PhunkySchtuff (208108) | more than 7 years ago | (#18595993)

Hardly... WEP is known to be thoroughly broken - it doesn't really matter that now it's even more broken than before - the fact remains that it's no good.
WPA has been around for something like 2½ years now, and it is a travesty if the wireless chipset you're using doesn't support it.

The simple solution is continue to use WPA, like you should have been doing for years...

Might be bad news for home linux users... (1)

Medievalist (16032) | more than 7 years ago | (#18596143)

Linux wireless support is OK for connecting to large corporate networks with RADIUS and 802.1x with enterprise-class WPA. I routinely do it with Ubuntu, Fedora, and Red Hat linux; it even works with Network Manager. Well, most of the time with Network Manager... Recent versions of Network Manager... And it always works with a painstakingly hand-crafted custom-compiled WPA supplicant, even on Fedora, you just have to bleed some neurons out of your ears figuring it out the first time.

But for home networks, I've only found WEP to work really well. Trying to get "personal" WPA PSK working from a linux laptop to a commercial broadband router like a linksys or FIOS box is brutally painful, even with decades of experience, and if you have Network Manager flailing around hijacking your wifi hardware every few minutes it's even worse. If you wanted a rock-solid, high-bandwidth wireless connection with enough encryption to convince casual wardrivers to use the neighbor's connection instead of yours, you just ran WEP-128 on your dd-wrt box, and happily connected up with Network Manager or iwconfig... but if the next version of the stumbler's going to crack your WEP nearly instantaneously the weak deterrent effect of WEP just went out the window!

Re:Might be bad news for home linux users... (0, Troll)

CatOne (655161) | more than 7 years ago | (#18596233)

This is a Linux limitation, not a system limitation. OS X has supported WPA Personal for > 2 years, and WPA 2 Personal for at least 1.5 years on all systems.

Seems if you want a secure system you should stay away from a Linux laptop at home. But that's not really anything new. If you want a system that sleeps/wakes out of the box without tweaks a Mac would work nicely for that as well.

Re:Might be bad news for home linux users... (1)

matts-reign (824586) | more than 7 years ago | (#18596275)

I found it to be incredibly easy to use WPA supplicant on my home network. I simply put the key in, and joined my SSID. 30 seconds on something I'd never done before. I'm sure if I had a desktop env. like KDE running, it would have taken care of things too.

Re:Might be bad news for home linux users... (1)

ruserious (910291) | more than 7 years ago | (#18596305)

Say what? I've been using WPA with PSK since Dapper with the default network-manager packages from the repos. No custom anything. I have an intel ipw2200 in my notebook, and a (branded) zyxel 660hw router. I click on the GUI choose a network, enter my WEP or WPA key, and it just works. It was that way on Dapper, and it's still that way on Edgy.

If you want to work around network-manager in "esoteric" situations (I sometimes have to if there is no DHCP), you can simply

sudo /etc/dbus-1/event.d/25NetworkManager stop
ifconfig.....

And later, when you're done and go back to your home network, you restart network-manager likewise. It's easily scripted.

Re:Might be bad news for home linux users... (1)

landattack (993189) | more than 7 years ago | (#18596621)

I have been using WPA-PSK at home on the *nix machines I have. wpa_supplicant works wonders with the Atheros card and for the Ralink RT2500 I just use iwpriv to set up the interface to use WPA-PSK in /etc/network/interfaces.

If you can only use WEP, then VPN or SSH tunnel (1)

speculatrix (678524) | more than 7 years ago | (#18596181)

If you have no choice but to use WEP, then you should strongly consider using a VPN between clients and the connected network!

In a corporate environment where it's hard to control who knows the passwords, do NOT bridge the wireless network to your secure cabled network but put it on a DMZ and allow limited services out to the internet, and even fewer into the corporate wired lan.

Re:If you can only use WEP, then VPN or SSH tunnel (1)

ardor (673957) | more than 7 years ago | (#18596447)

In theory, VPN is a good idea.
But setting up one is one of the most difficult things known to man.

10 minutes, 1 minute... no big deal (3, Interesting)

geekinaseat (1029684) | more than 7 years ago | (#18596559)

This isn't really news. It's pretty smart that they have managed to crack WEP with so few IVs (it usually takes about 200,000 for 64bit and just under a million for 128bit) but in reality this doesn't change (or expose) WEP's inherent vulnerabilities at all. For example, I am currently doing my dissertation on wireless security and in tests WEP64 on average can be cracked in about 3 minutes and WEP128 in about 10 minutes, so getting this down to a minute doesn't really change the fact that a hacker could capture enough packets simply by hanging around and drinking a coffee using the "old" tools.

An interesting sidenote is that the amount of time a hacker needs to be near a target WLAN for WPA-PSK is measured in seconds making it much more insecure if it has a weak passphrase than WEP is even now with crack times under a minute.

Please, if you want a secure home wireless network, choose WPA-PSK and make the passphrase as long and as abstract as possible; nothing else is safe. And if you have the cash... buy a RADIUS server.

The most obvious solution. (2, Insightful)

Randseed (132501) | more than 7 years ago | (#18596599)

The most obvious solution is to have each machine that connects over wireless use a VPN. Everything coming in over anything other than the VPN is discarded.

Since this is Slashdot, I request a community service: Come up with a script/whatever where this is simple.
