Cisco Wireless LAN Security

WEP Key Recovery Attacks

One of the juiciest targets for an attacker targeting a WEP-protected WLAN is recovering the WEP key. Because of vulnerabilities in the WEP protocol and some implementation mistakes, several attacks have been developed that compromise WEP keys. The most serious of these is the Fluhrer-Mantin-Shamir (FMS) attack, which allows a passive sniffer to recover WEP keys with as little as nine minutes of sniffing.

Dictionary-Based Key Attacks

So-called strong WEP keys are 104 bits, or 26 hexadecimal digits, which is a chore to type. Dynamic key distribution methods, such as those included in the Lightweight Extensible Authentication Protocol (LEAP) or the Protected Extensible Authentication Protocol (PEAP), overcome this chore. ...

Get Cisco Wireless LAN Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cisco Wireless LAN Security by Sri Sundaralingam, Krishna Sankar, Darrin Miller, Andrew Balinsky

WEP Key Recovery Attacks

Dictionary-Based Key Attacks

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly