[MLB-WIRELESS] Re: Strong WEP Key Generator

Tom Parker tparker at netspace.net.au
Tue May 6 07:12:20 EST 2003


Well if you play your mp3s across 802.11 like I do, then an hour or so's worth I think.
I'm using cipe tunneling instead of WEP (http://cipe-win32.sourceforge.net/ and
http://sites.inka.de/sites/bigred/devel/cipe.html).

Cheers,
Tom

----------------------------------
Tom Parker tparker at netspace.net.au
http://www.wiresncode.com/projects



> -----Original Message-----
> From: owner-melbwireless at wireless.org.au
> [mailto:owner-melbwireless at wireless.org.au]On Behalf Of rik
> Sent: Tuesday, 6 May 2003 12:53 AM
> To: paul van den bergen; melbwireless at wireless.org.au
> Subject: Re: [MLB-WIRELESS] Re: Strong WEP Key Generator
>
>
> but how much data do they have to collect before they can crack a 128bit in
> a few hours? isnt it like 2 weeks worth?
>
> ----- Original Message -----
> From: "paul van den bergen" <pvandenbergen at swin.edu.au>
> To: <melbwireless at wireless.org.au>
> Sent: Monday, May 05, 2003 7:15 PM
> Subject: Re: [MLB-WIRELESS] Re: Strong WEP Key Generator
>
>
> > just been looking at this... here is a link to help sort out all the
> mess...
> >
> > http://www.80211-planet.com/tutorials/article.php/1490451
> >
> > Key phrase for this subject (though the problem is far worse than opne
> might
> > immediately appreciate)
> >
> > quote
> > You see, WEP's practical problem has always been that administrators tend
> to
> > stay with the same key for months, because there's no easy way to transfer
> > new WEP keys. They have to manually set them in each access point and NIC.
> > With a small key, WEP's typical 40 bit-key, a cracker can pick up enough
> > frames based on the same key to figure it out in hours. A longer key, even
> > 256-bits, just means that a cracker needs to collect more data. Thus,
> while a
> > long key will certainly discourage casual data raiders, if someone is
> > determined to be a wireless spy, they do it with a few weeks of data
> > collecting.
> > end quote
> >
> > And I believe this is only one attack vector - there are others, but I
> know
> > too little to say if they have been fixed or not.
> >
> > On Mon, 5 May 2003 05:15 pm, Joris wrote:
> > > On Sun, May 04, 2003 at 11:49:22PM -0700, Jouni Malinen wrote:
> > > > On Mon, May 05, 2003 at 08:48:23AM +1000, Jason Hecker wrote:
> > > > I don't know whether one should really call anything related to WEP
> > > > "strong" ;-), but let's forget that for a moment and concentrate on
> key
> > > > generation..
> > > >
> > > > What exactly makes those keys "strong"?
> > >
> > > The fact that it's more random than your average birthday or kids name,
> > > like most people do.
> > >
> > > I don't think that site was intended for strong cryptographical
> > > purposes, but to help Mr and Mss Sixpack...
> > >
> > > > I would not call that strong key; it looks more like false sense of
> > > > security. Actually, that's quite good match for WEP security.. ;-)
> > >
> > > Yep.
> > > If you change the target audience, it starts making sense...
> >
> > --
> > Dr Paul van den Bergen
> > Centre for Advanced Internet Architectures
> > caia.swin.edu.au
> > pvandenbergen at swin.edu.au
> > IM:bulwynkl2002
> > "And some run up hill and down dale, knapping the chucky stones
> > to pieces wi' hammers, like so many road makers run daft.
> > They say it is to see how the world was made."
> > Sir Walter Scott, St. Ronan's Well 1824
> >
> > To unsubscribe: send mail to majordomo at wireless.org.au
> > with "unsubscribe melbwireless" in the body of the message
> >
>
>
> To unsubscribe: send mail to majordomo at wireless.org.au
> with "unsubscribe melbwireless" in the body of the message
>
>



To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message



More information about the Melbwireless mailing list