If you’ve forgotten the key for your WEP protected wireless network don’t bother to log in to the access point to change it – now it’s quicker and simpler just to crack the key.
It’s been known for a number of years that WEP (Define) is fatally flawed, and that by capturing about 5 million encrypted data packets, it’s possible to retrieve the WEP key and get access to the network and data transmitted over. This was first done using an attack developed thanks to research carried out by Scott Fluhrer, Itsik Mantin, and Adi Shamir about 5 years ago.
In 2004, a refinement known as the Korek attack was developed, meaning anyone could find a WEP key after capturing as few as half a million packets, using a standard hacker tool such as Aircrack-ng. Sitting around waiting for half a million packets to be sent over a wireless network which is not particularly busy is not the most interesting pass-time in the world, so it’s become common practice to capture ARP requests and use packet injection to rebroadcast them to the target access point, stimulating the access point to generate and broadcast more packets, so that the half a million or so required can be captured in the time it takes to have a cup of coffee and a couple of donuts.
Last week three German cryptographic researchers at Darmstadt University, Erik Tews, Andrei Pychkine and Ralf-Philipp Weinmann, revealed an advanced version of an attack based on research by Andreas Klein in 2005 which shows WEP is even more vulnerable than previously supposed. Such is the high correlation between WEP encrypted packets and the key used to create them that it’s possible to retrieve a 104-bit WEP key from as few as 40,000 captured packets with 50 percent likelihood of success using the new attack. Capturing 60,000 packets increases the chances of success to 80%.
Now here’s the scary bit. Using a standard Atheros-based Wi-Fi card with a driver patched for packet injection, it’s perfectly feasible to generate 40,000 packets in a couple of minutes using a standard hacker packet injection tool, Aireplay-ng, and capture them using Airodump-ng. In fact Pychkine, Tews and Weinmann claim to be able to generate 40,000 packets in under 60 seconds.
To demonstrate their attack, Pychkine, Tews and Weinmann have developed a tool similar to Aircrack-ng which they have named Aircrack-ptw (after the initials of their last names.) This takes the ARP packets captured during the ARP re-injection and retrieves the WEP key – in about 3 seconds on a moderately powered laptop. Aircrack-ptw is freely available on the Internet and is doubtless in the hands of many hackers, of both the good and bad variety.
There are a few limitations to Aircrack-ptw at present: It only works with ARP request and response packets, which means it’s of no use to hackers using a device with drivers that lack support for packet injection. But since packet injection is usually used to crack WEP using the older Korek based attack, this should be small consolation to anyone relying on WEP. And the PTW attack doesn’t work with 256-bit WEP keys, but devices which support this length WEP key are pretty rare anyway.
Surely this must be the end of the line for WEP, then? Erik Tews certainly agrees. “For more than 5 years, it has been clear that WEP is insecure and useless for security sensitive environments,” he told Enterprise Networking Planet. “I think this is the missing nail in WEP’s coffin,” he concludes.