Proceedings ArticleDOI
The final nail in WEP's coffin
Andrea Bittau,Mark Handley,J. Lackey +2 more
- pp 386-400
Reads0
Chats0
TLDR
A novel vulnerability is presented which allows an attacker to send arbitrary data on a WEP network after having eavesdropped a single data packet and techniques for real-time decryption of data packets are presented, which may be used under common circumstances.Abstract:
The 802.11 encryption standard Wired Equivalent Privacy (WEP) is still widely used today despite the numerous discussions on its insecurity. In this paper, we present a novel vulnerability which allows an attacker to send arbitrary data on a WEP network after having eavesdropped a single data packet. Furthermore, we present techniques for real-time decryption of data packets, which may be used under common circumstances. Vendor produced mitigation techniques which cause frequent WEP re-keying prevent traditional attacks, whereas our attack remains effective even in such scenarios. We implemented a fully automatic version of this attack which demonstrates its practicality and feasibility in real networks. As even rapidly re-keyed networks can be quickly compromised, we believe WEP must now be abandoned rather than patched yet again.read more
Citations
More filters
Proceedings ArticleDOI
Side-Channel Leaks in Web Applications: A Reality Today, a Challenge Tomorrow
TL;DR: It is found that surprisingly detailed sensitive information is being leaked out from a number of high-profile, top-of-the-line web applications in healthcare, taxation, investment and web search, suggesting the scope of the problem seems industry-wide.
Patent
Methods, systems, and media for detecting covert malware
Brian M. Bowen,Pratap Prabhu,Vasileios P. Kemerlis,Stylianos Sidiroglou,Salvatore J. Stolfo,Angelos D. Keromytis +5 more
TL;DR: In this article, a method for detecting covert malware in a computing environment is provided, the method comprising: generating simulated user activity outside of the computing environment; conveying the simulated user activities to an application inside the environment; and determining whether a decoy corresponding to the simulated users' activity has been accessed by an unauthorized entity.
Patent
Methods, systems, and media for baiting inside attackers
Salvatore J. Stolfo,Angelos D. Keromytis,Brian M. Bowen,Shlomo Hershkop,Vasileios P. Kemerlis,Pratap Prabhu,Malek Ben Salem +6 more
TL;DR: In this article, a trap-based defense is proposed, the method comprising of generating decoy information based at least in part on actual information in a computing environment, embedding a beacon into the decoy, and inserting the decoys information with the embedded beacon into computing environment.
Proceedings ArticleDOI
Practical attacks against WEP and WPA
Erik Tews,Martin Beck +1 more
TL;DR: In this article, the authors describe two attacks on IEEE 802.11 based wireless LANs: improved key recovery attack on WEP, which reduces the average number of packets an attacker has to intercept to recover the secret key, and dictionary attack when a weak pre-shared key is used.
Book ChapterDOI
Breaking 104 Bit WEP in less than 60 seconds
TL;DR: An active attack on the WEP protocol is demonstrated that is able to recover a 104-bit WEP key using less than 40,000 frames with a success probability of 50%.
References
More filters
Book ChapterDOI
Weaknesses in the Key Scheduling Algorithm of RC4
TL;DR: It is shown that RC4 is completely insecure in a common mode of operation which is used in the widely deployed Wired Equivalent Privacy protocol (WEP, which is part of the 802.11 standard), in which a fixed secret key is concatenated with known IV modifiers in order to encrypt different messages.
Proceedings ArticleDOI
Intercepting mobile communications: the insecurity of 802.11
TL;DR: Several serious security flaws in the Wired Equivalent Privacy protocol are discovered, stemming from mis-application of cryptographic primitives, which lead to a number of practical attacks that demonstrate that WEP fails to achieve its security goals.
Proceedings Article
802.11 denial-of-service attacks: real vulnerabilities and practical solutions
John Bellardo,Stefan Savage +1 more
TL;DR: This paper provides an experimental analysis of 802.11-specific attacks - their practicality, their efficacy and potential low-overhead implementation changes to mitigate the underlying vulnerabilities.
Proceedings Article
Using the Fluhrer, Mantin, and Shamir Attack to Break {WEP}
TL;DR: It is concluded that 802.11 WEP is totally insecure, and some recommendations are provided to make the attack more efficient.
Path MTU discovery
Jeffrey C. Mogul,S. Deering +1 more
TL;DR: This memo describes a technique for dynamically discovering the maximum transmission unit (MTU) of an arbitrary internet path by specifying a small change to the way routers generate one type of ICMP message.