[MLB-WIRELESS] Re: Strong WEP Key Generator

paul van den bergen pvandenbergen at swin.edu.au
Mon May 5 19:15:51 EST 2003 

just been looking at this... here is a link to help sort out all the mess...

http://www.80211-planet.com/tutorials/article.php/1490451

Key phrase for this subject (though the problem is far worse than opne might 
immediately appreciate)

quote
You see, WEP's practical problem has always been that administrators tend to 
stay with the same key for months, because there's no easy way to transfer 
new WEP keys. They have to manually set them in each access point and NIC. 
With a small key, WEP's typical 40 bit-key, a cracker can pick up enough 
frames based on the same key to figure it out in hours. A longer key, even 
256-bits, just means that a cracker needs to collect more data. Thus, while a 
long key will certainly discourage casual data raiders, if someone is 
determined to be a wireless spy, they do it with a few weeks of data 
collecting.
end quote

And I believe this is only one attack vector - there are others, but I know 
too little to say if they have been fixed or not.

On Mon, 5 May 2003 05:15 pm, Joris wrote:
> On Sun, May 04, 2003 at 11:49:22PM -0700, Jouni Malinen wrote:
> > On Mon, May 05, 2003 at 08:48:23AM +1000, Jason Hecker wrote:
> > I don't know whether one should really call anything related to WEP
> > "strong" ;-), but let's forget that for a moment and concentrate on key
> > generation..
> >
> > What exactly makes those keys "strong"?
>
> The fact that it's more random than your average birthday or kids name,
> like most people do.
>
> I don't think that site was intended for strong cryptographical
> purposes, but to help Mr and Mss Sixpack...
>
> > I would not call that strong key; it looks more like false sense of
> > security. Actually, that's quite good match for WEP security.. ;-)
>
> Yep.
> If you change the target audience, it starts making sense...

-- 
Dr Paul van den Bergen
Centre for Advanced Internet Architectures
caia.swin.edu.au
pvandenbergen at swin.edu.au
IM:bulwynkl2002
"And some run up hill and down dale, knapping the chucky stones 
to pieces wi' hammers, like so many road makers run daft. 
They say it is to see how the world was made."
Sir Walter Scott, St. Ronan's Well 1824 

To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message

More information about the Melbwireless mailing list