[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: IP: New results on WEP (fwd)
> >To: cryptography@wasabisystems.com >Subject: New results on WEP (fwd) >Date: Wed, 25 Jul 2001 19:13:29 -0400 >From: Matt Blaze <mab@research.att.com> >Sender: owner-cryptography@wasabisystems.com > > >Adi Shamir and his colleagues have some interesting >new results on RC4 with a practical attack against WEP. >With Adi's permission, I've made available a (PostScript) >copy of a draft of his paper at: > http://www.crypto.com/papers/others/rc4_ksaproc.ps > >(Fortunately, as far as I know WEP isn't used for copy protection, >so it's still legal to disseminate and traffic in this kind >of information...) > >- -matt > >- ------ Forwarded Message > >Date: Thu, 26 Jul 2001 00:50:03 +0300 >From: Shamir Adi <shamir@wisdom.weizmann.ac.il> >Organization: Weizmann Institute of Sciense, Faculty of Mathematics >To: mab@research.att.com >Subject: New results on WEP > >Dear Matt, > >WEP is the security protocol used in the widely deployed >IEEE 802.11 wireless LAN's. This protocol received a lot >of attention this year, and several groups of researchers >have described a number of ways to bypass its security. > >Attached you will find a new paper which describes a truly >practical direct attack on WEP's cryptography. It is an >extremely powerful attack which can be applied even when >WEP's RC4 stream cipher uses a 2048 bit secret key (its >maximal size) and 128 bit IV modifiers (as proposed in WEP2). >The attacker can be a completely passive eavesdropper (i.e., >he does not have to inject packets, monitor responses, or >use accomplices) and thus his existence is essentially >undetectable. It is a pure known-ciphertext attack >(i.e., the attacker need not know or choose their >corresponding plaintexts). After scanning several hundred >thousand packets, the attacker can completely recover the >secret key and thus decrypt all the ciphertexts. The running >time of the attack grows linearly instead of exponentially >with the key size, and thus it is negligible even for 2048 >bit keys. > >I'll appreciate your comments and suggestions. Please feel >free to forward this email to your colleagues. > > >Sincerely yours, > >Adi Shamir For archives see: http://www.interesting-people.org/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC