Play all

Introduction

Talk overview

Why Perform Dictionary attacks on WEP?

Wired Equivalent Privacy

WEP Encryption

WEP Authentication

128-bit Variant

WEP Keying

Key Entry Example

64-bit key Generator

64-bit Generator Flawed!

ASCI Mapping Reduces Entropy

PRNG Use Reduces Entropy

Entropy of 64-bit Generator is 21-bits

128-bit Generator

Designed and implemented a WEP Cracker

Structure of WEP Cracker

Packet Collector

Making Guesses

Mapping Guesses to Keys

Key Verification

Results

Brute Force of Keys

Implications

Related work - Bad News

That's All Folks...

Description:

Explore the vulnerabilities of Wired Equivalent Privacy (WEP) encryption in this 46-minute Black Hat USA 2001 conference talk by Tim Newsham. Delve into the reasons for performing dictionary attacks on WEP and understand the intricacies of WEP encryption and authentication. Examine the flaws in 64-bit and 128-bit key generators, including reduced entropy due to ASCII mapping and PRNG use. Learn about the structure and implementation of a WEP cracker, including packet collection, key guessing, and verification techniques. Discover the implications of these vulnerabilities and related work in the field. Gain valuable insights into the weaknesses of early wireless security protocols and their impact on network security.

Cracking WEP Keys

Black Hat

Add to list

#Conference Talks #Black Hat #Information Security (InfoSec) #Cybersecurity #Computer Science #Cryptography #Network Security #Dictionary Attacks