While these additions to WEP cracking algorithms can help to lower the time necessary to compromise a complete WEP key, they have not been widely implemented. This could be due to the overall low percentage of WEP-enabled devices that are currently being implemented, or to the popularity of current WEP cracking utilities. These methods will most likely become more popular as newer devices avoid the usage of more commonly known weak IVs.
In August 2004, a hacker named KoreK published code in the NetStumbler forums that outlined expansions to the FMS attacks. These attacks have been implemented in both aircrack and WEPLab, both of which claim to crack WEP in record time. Essentially, these attacks work much like the FMS attack. The KSA is run as far as possible while looking at the values of the S array and the known keystream. Depending on the values that are found, the key bytes can be extracted. Appendix B contains KoreK's original code with comments added by the authors. Since the publication of this code on the NetStumbler forums, KoreK has released a utility called chopper which expands upon this concept.
KoreK has since released another program called chopchop. This program exploits WEP in a different way to decrypt single packets. When an encrypted packet is captured, it can be decrypted one byte at a time by making a slight modification and attempting to retransmit it. The attacker will remove the last byte of the encrypted packet and replace it with a guess. To test whether the guess was correct, the packet is sent to the access point. If the access point accepts the message and rebroadcasts it, the attacker can be sure that the guess was correct. The attacker can then use this byte and the corresponding cipherbyte to find the plaintext byte. Since there are only 256 choices for each byte, the packet can be decrypted in a relatively short period of time.
2.5 Injecting Packets for Faster WEP Cracking
The WEP cracking processes discussed so far require the capture of a large number of WEP encrypted data packets. For large wireless networks this requirement is easily met because of the large volume of traffic. However, there are other networks where the volume of traffic is not sufficient to allow the capture of enough packets in a reasonable period of time. It is possible to generate the necessary traffic on these networks by injecting packets to solicit responses. These injected packets do nothing to help the breaking of WEP themselves, but the responses from a legitimate device on the network will increase the probability of generating weak initialization vectors. Some utilities like reinj and aireplay (part of the aircrack package) do this by capturing ARP requests. They then turn the packet around and inject it back into the network. Since the access point can't tell the difference between the injected packet and the original, the ARP request and response will give the attacker two more packets to work with. Other
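Both the chopchop technique described in the previous section and the ARP replay injection described here leave a distinctive trace on the air that a wireless IDS can look for: chopchop retransmits the same captured IV with a body that shrinks one byte at a time, and ARP replay sends one byte-identical encrypted frame over and over. The following detector is an added example written for this edition and is not code from the book, from KoreK, or from the aircrack project. It assumes a capture already reduced to frames carrying a transmitter MAC, the 24-bit WEP IV, and the encrypted body; the frame records, the thresholds, and the 40-byte ARP frame size are constructed assumptions for the demonstration.

```python
import random
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class WepFrame:
    ts: float      # capture time in seconds (constructed)
    src: str       # transmitter MAC from the 802.11 header
    iv: int        # 24-bit WEP IV, sent in the clear in every frame
    body: bytes    # encrypted payload including the 4-byte ICV

    @property
    def length(self) -> int:
        return len(self.body)


def detect_replay(frames, threshold=10):
    """Return (src, iv, count) for every byte-identical ciphertext frame seen
    at least `threshold` times.  A station encrypting live traffic picks a new
    IV for each frame, so the same IV with an unchanged body repeated many
    times is the footprint of a replayed frame such as an injected ARP request."""
    counts = Counter((f.src, f.iv, f.body) for f in frames)
    return sorted((src, iv, n) for (src, iv, _body), n in counts.items() if n >= threshold)


def detect_chopchop(frames, min_steps=8):
    """Return (src, iv, steps) where `steps` successive distinct frame lengths
    under one (src, iv) each drop by exactly one byte.  chopchop keeps the
    captured IV and retransmits the frame with its last byte removed, up to 256
    guesses per byte, so the lengths seen on the air walk downward one byte at
    a time while the IV never changes."""
    lengths_by_key = defaultdict(list)
    for f in sorted(frames, key=lambda f: f.ts):
        seq = lengths_by_key[(f.src, f.iv)]
        if not seq or seq[-1] != f.length:      # collapse repeated guesses at one length
            seq.append(f.length)
    hits = []
    for (src, iv), seq in lengths_by_key.items():
        run = best = 1
        for prev, cur in zip(seq, seq[1:]):
            run = run + 1 if cur == prev - 1 else 1
            best = max(best, run)
        if best >= min_steps:
            hits.append((src, iv, best))
    return sorted(hits)


def _rand_body(rng, n):
    """Constructed opaque ciphertext of n bytes (stands in for real WEP data)."""
    return bytes(rng.getrandbits(8) for _ in range(n))


def build_sample_capture():
    """Constructed capture, not real traffic:
    - 20 ordinary frames from a legitimate station, fresh IV each time;
    - one ARP-sized frame (assumed 40 bytes) from that station replayed 12 times;
    - a chopchop run against a 61-byte frame of a second station: the same IV,
      three guesses per length, then one byte shorter, for 10 steps."""
    rng = random.Random(1)
    frames, t = [], 0.0
    legit, victim = "00:11:22:33:44:55", "66:77:88:99:aa:bb"
    for i in range(20):
        t += 0.1
        frames.append(WepFrame(t, legit, 0x100000 + i, _rand_body(rng, 80)))
    arp_body = _rand_body(rng, 40)
    for _ in range(12):
        t += 0.01
        frames.append(WepFrame(t, legit, 0x123456, arp_body))
    captured = _rand_body(rng, 61)
    for step in range(10):
        chopped = captured[: 60 - step - 1]            # drop one more trailing byte per step
        for guess in range(3):
            t += 0.01
            frames.append(WepFrame(t, victim, 0x0A0B0C, chopped + bytes([guess])))
    return frames


if __name__ == "__main__":
    capture = build_sample_capture()
    print("replayed frames  :", detect_replay(capture))
    print("chopchop patterns:", detect_chopchop(capture))
```

Both checks key on (transmitter, IV) rather than on IV alone because legitimate WEP stations do reuse the 24-bit IV space over time; what they do not do is resend an unchanged ciphertext a dozen times or step a single frame down one byte at a time. Thresholds should be tuned on a baseline of the network's own traffic before alerting.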