German security researchers find a faster way to break WEP
Wired Equivalent Privacy (WEP) protection on WiFi networks can now be broken in as little as 3 seconds, according to a team of researchers from Darmstadt University of Technology in Darmstadt, Germany.
Mathematicians have long known about the flaws in the RC4 key scheduling algorithm in the WEP WiFi Protocol, but in practice, it has required several minutes to break the key. Now, that time has been slashed.
The researchers said that they’ve been able to extract a 104-bit WEP key from intercepted data in just three seconds using a 1.7GHz Pentium M processor. Erik Tews, one of the researchers, said that some PDAs or mobile phones with the right hardware could be used to penetrate the WEP security.
“Although stronger encryption methods have come along since the first flaws in WEP were discovered, the new attack is still relevant,” the researchers said. A survey of a large German city found that 59 percent of the WiFi networks were still using WEP while only 18 percent were using the newer WPA protocol.
Anyone using Wi-Fi to transmit data they want to keep private should consider switching from WEP to a more robust encryption protocol such as WPA if the current hardware supports it, the researchers said.
Tews added: “Depending on your skills, it will cost you some minutes to some hours to switch your network to WPA. If it would cost you more than some hours of work if such private data becomes public, then you should not use WEP anymore.”
But if you’ve got old school hardware holding you back, there are a few available methods to circumvent easy attacks.
One way is to use statistical techniques to identify a number of possible keys and hide the real security key in a cloud of dummy ones.
Could this latest development finally mean the end of WEP?