Q: I heard about a new WEP cracking technique. Can you explain it?

WEP has been generally recognised as broken since 2001 when Fluhrer, Mantin, and Shamir, commonly known as FMS, published their paper 'Weaknesses in the Key Scheduling Algorithm of RC4.' However, WEP is still in widespread use despite the common knowledge that it is severely inadequate, and at most provides a minor nuisance to an attacker.

There are many possible reasons for this. Many embedded devices were produced when WEP was the de facto standard for securing WLANs, and it can take a while for them to be upgraded or replaced. It can also take a while for what anyone involved in security day-to-day knows to trickle out to the rest of the world, so many people setting up wireless networks in SOHO environments may still think WEP is the way to go.

Whatever the reasons, WEP is unfortunately still being used.

Initial tools based on the FMS technique needed to capture on the order of 5 to 10 million frames to crack WEP. That many frames were needed to collect enough that were encrypted with "weak" initialisation vectors (IVs), which can be correlated with bytes of the RC4 key used to encrypt the frame contents. Among the tools that implemented this technique was the original version of AirSnort. However, the attack was viewed as impractical, as it could take quite a while (at the time) to collect enough traffic. Still, a stop-gap solution was developed: using WEP with 802.1X to cycle WEP keys automatically. This way, no single WEP key would be in use long enough for an attacker to crack it.

However, new tools were then developed that expanded the number of IVs usable for determining the key, along with techniques for generating traffic (ARP re-injection). Even with these advances it still took a significant amount of time to collect data, though only one million or fewer frames were required to recover the key.

Recently, new advances in WEP cracking have been made by Pychkine, Weinmann, and Tews from the Technical University of Darmstadt.

In short, the researchers developed a method for recovering the key with as few as 40,000 frames, which can be done in roughly one minute using ARP re-injection. While the probability that the correct WEP key will be recovered with so few frames is merely 50 percent, the probability increases significantly with a small increase in the number of gathered frames. For instance, if you've gathered 85,000 frames it will be possible to recover the key 95 percent of the time.
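The figures above (tens of thousands of frames in about a minute, produced by replaying a captured ARP request) describe a traffic pattern that a wireless IDS can watch for. The following detector is an added example written for this column, not code from the author, aircrack-ng or the Darmstadt researchers. It assumes a monitor-mode capture has already been reduced to per-frame metadata (timestamp, BSSID, transmitter, 24-bit IV, frame length); the WepFrame record, the ARP size band and the thresholds are assumptions chosen for illustration, and the sample capture is constructed inline.

```python
"""Rate- and replay-based detector for ARP re-injection against WEP networks.

Added example, not from the original column. It assumes a monitor-mode
capture has already been reduced to per-frame metadata; the WepFrame fields,
the ARP size band and the thresholds below are assumptions for illustration.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, List, Tuple


@dataclass(frozen=True)
class WepFrame:
    ts: float       # capture timestamp in seconds
    bssid: str      # network the frame belongs to
    src: str        # transmitter address
    iv: int         # 24-bit WEP IV taken from the frame header
    length: int     # total frame length in bytes


# Encrypted ARP requests on 802.11 have a short, fixed size; this band is an
# assumed value that would be tuned per capture setup.
ARP_MIN, ARP_MAX = 60, 80
RATE_THRESHOLD = 100    # ARP-sized WEP frames per second per BSSID (assumed)
REPLAY_THRESHOLD = 20   # same IV re-sent by one transmitter per second (assumed)


def is_arp_sized(frame: WepFrame) -> bool:
    return ARP_MIN <= frame.length <= ARP_MAX


def detect_reinjection(frames: Iterable[WepFrame]) -> List[Dict]:
    """Return one alert per (BSSID, one-second window) that looks like injection.

    Two signals are combined: an abnormal rate of ARP-sized WEP frames, and one
    transmitter re-sending a frame with the same IV over and over (a replayed
    ARP request keeps its original IV; only the AP's relays get fresh ones).
    """
    buckets: Dict[Tuple[str, int], List[WepFrame]] = defaultdict(list)
    for f in frames:
        if is_arp_sized(f):
            buckets[(f.bssid, int(f.ts))].append(f)

    alerts: List[Dict] = []
    for (bssid, second), bucket in sorted(buckets.items()):
        reasons = []
        if len(bucket) >= RATE_THRESHOLD:
            reasons.append(f"{len(bucket)} ARP-sized WEP frames in one second")
        replays = Counter((f.src, f.iv) for f in bucket)
        for (src, iv), n in replays.items():
            if n >= REPLAY_THRESHOLD:
                reasons.append(f"IV {iv:06x} from {src} repeated {n} times")
        if reasons:
            alerts.append({"bssid": bssid, "second": second,
                           "frames": len(bucket), "reasons": reasons})
    return alerts


def build_sample_capture() -> List[WepFrame]:
    """Constructed sample: one quiet second, then one second of injection."""
    ap = "00:11:22:33:44:55"          # constructed AP / BSSID address
    client = "aa:bb:cc:dd:ee:ff"      # constructed client address
    frames: List[WepFrame] = []
    # Quiet second: a handful of ordinary frames, each with a fresh IV.
    for i in range(5):
        frames.append(WepFrame(0.1 * i, ap, client, 0x100000 + i, 70))
    # Injection second: the same captured ARP request replayed 150 times from
    # the client address (same IV every time), with the AP relaying each copy
    # under a new IV, as the column's "one minute" figure implies.
    for i in range(150):
        t = 1.0 + i / 150
        frames.append(WepFrame(t, ap, client, 0x0A0B0C, 68))
        frames.append(WepFrame(t + 0.001, ap, ap, 0x200000 + i, 68))
    return frames


if __name__ == "__main__":
    for alert in detect_reinjection(build_sample_capture()):
        print(alert)
```

On the constructed capture the quiet second produces nothing, while the injection second raises a single alert carrying both reasons. In practice the rate threshold is the coarse signal (any WEP network legitimately moving hundreds of identically sized frames per second is rare), and the repeated-IV check confirms that the traffic is a replay rather than a busy client.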

Pychkine, Weinmann, and Tews initially released the proof-of-concept for their research as aircrack-ptw, a modified version of aircrack-ng, but it has since been integrated into the aircrack-ng codebase. Given that the tool is widely available, it may be a good idea to make it a higher priority to upgrade or replace any WEP-based equipment you still have.

Andrew Lockhart is lead security analyst at Network Chemistry, author of O'Reilly Media's Network Security Hacks, and author of Snort-Wireless, an open source project adding wireless intrusion detection to Snort. He is also an editorial board member of the . This article appeared in Network World.