【導(dǎo)讀】Wi-Fi是Ether相容的無線通信協(xié)定。Wi-Fi技術(shù)代號是IEEE，也叫做。適用範(fàn)圍在50到150公尺之間，→高層介面、網(wǎng)路互連?！鷻?quán)杖匯流排網(wǎng)路，或稱記號

　　

【正文】 RC4 ? If 2 ciphertexts are known, it is possible to obtain the XOR of the plaintexts ? Knowledge of the XOR can enable statistical attacks to recover plaintext ? Once one of the two plaintexts is known, it is simple to recover others RC4(x) ? X ? Y = RC4(y) 70 Attacks against WEP ? 50% chance of a collision exists already after only 4823 packets!!! ? Pattern recognition can disentangle the XOR’d recovered plaintext. ? Recovered ICV can tell you when you’ve disentangled plaintext correctly. ? After only a few hours of observation, you can recover all 224 key streams. 71 ? Passive Attack to Decrypt Traffic ? Tablebased Attack Attacks against WEP (cont) GBb y t e s 2415002 24 ??hr spac k e t sbi t sMbi t sMbi t sby t ebi t spac k e tB y t e s 5s e c18300210111 s e c1181500 246 ??????72 How to Read WEP Encrypted Traffic Ways to accelerate the process: ? Send spam into the work: no pattern recognition required! ? Get the victim to send to you ? The AP creates the plaintext for you! ? Decrypt packets from one Station to another via an Access Point ? If you know the plaintext on one leg of the journey, you can recover the key stream immediately on the other ? –Etc., etc., etc. 73 Papers on WLAN Security University of California, Berkeley University of Maryland Scott Fluhrer, Itsik Mantin, and Adi Shamir Feb. 2020 April 2020 July 2020 February 2020 Focuses on static WEP。 discusses need for key management Focuses on authentication。 identifies flaws in one vendor’s proprietary scheme Focuses on inherent weaknesses in RC4。 describes pragmatic attacks against RC4/WEP * “In practice, most installations use a single key that is shared between all mobile stations and access points. More sophisticated key management techniques can be used to help defend from the attacks we describe…” University of California, Berkeley report on WEP security, University of Maryland Flawed paper talking about Possible problems with 74 39。Offtheshelf39。 hack breaks wireless encryption (CNN) A group of researchers from Rice University and ATamp。T Labs have used offtheshelf methods to carry out an attack on a known wireless encryption flaw to prove that it could work in the real world. The researchers from Rice University in Houston, Texas, and ATamp。T performed their recent attack after reading a detailed and highly scientific description of the vulnerability written several weeks ago by Scott Fluhrer from Cisco Systems, and Itsik Mantin and Adi Shamir from The Weizmann Institute of Science in Israel. 75 Hackers poised to land at wireless AirPort By Jared Sandberg, The Wall Street Journal Online AirSnort operates by passively monitoring transmissions, puting the encryption key when enough packets have been gathered. WEPCrack is a tool that cracks WEP encryption keys using the latest discovered weakness of RC4 key scheduling. 76 AirSnort “Weak IV” Attack ? Initialization vector (IV) is 24bit field that changes with each packet ? RC4 Key Scheduling Algorithm creates IV from base key ? Flaw in WEP implementation of RC4 allows creation of “weak” IVs that give insight into base key ? More packets = more weak IVs = better chance to determine base key ? To break key, hacker needs 100,0001,000,000 packets IV encrypted data ICV WEP frame dest addr src addr 77 Security improvements (2nd Gen) ? WEP2 ? Increases size of IV to 128 bits ? Use of Kerberos for authentication within IEEE ? Be device independent = be tied to the user ? Have changing WEP keys ? WEP keys could be generated dynamically upon user authentication 78 ?Many WLAN deployments use static WEP keys that significantly promise security, as many users in a given WLAN share the same key. ?With the Airo Software Release and ACS , Cisco offers centrally managed, dynamic per user, per session WEP that addresses several of the concerns that the researchers refer to in their paper. ?The Cisco Airo wireless security solution augments WEP by creating a peruser, persession, dynamic WEP key tied to the work logon, thereby addressing the limitations of static WEP keys while providing a deployment that is hasslefree for administrators. URL: Airsnort ( and WEPCrack ( are two utilities that can be used to recover WEP keys. Cisco Airo Security Solution Provides Dynamic WEP to Address Researchers39。 Concerns 79 Dynamic WEP Key Management EAPOLStart EAPResponse/Identity EAPRequest RadiusAccessRequest RadiusAccessChallenge EAPResponse (Credential) RadiusAccessRequest EAPSuccess Access Blocked RadiusAccessAccept RADIUS EAPOW Associate Access Allowed EAPWKey (WEP) Laptop puter RADIUS Fast Ether EAPRequest/Identity 80 References ? ? ? ? Airsnort : ? ? ? ? ? ? ? ? 81 References (2) ? ? ? ? ? Nikita Borisov , Ian Goldberg , David Wagner, “Intercepting mobile munications,” The seventh annual international conference on Mobile puting and working, 2020 July 2020 ? N. Golmie, R. E. Van Dyck, and A. Soltanian, “Interference of bluetooth and IEEE : simulation modeling and performance evaluation,“ Proceedings of the 4th ACM international workshop on Modeling, analysis and simulation of wireless and mobile systems, 2020, Rome, Italy 82 References (3) ? ? ? ? ? ? ? ? ? ? 83 References (4) Cisco Airo: ? Wireless LAN amp。 IEEE 謝謝捧場 蔡文能