It’s not new news that Wireless WEP encryption is completely insecure but cracking the key required capturing at least 500,000 packets from the network up until now.

Erik Tews, Ralf-Philipp Weinmann, and Andrei Pyshkin of Darmstadt Technical University have figured out how to break the encryption with as few as 40,000 packets, 50% of the time, and can crack the key in as few as 3 seconds!

We were able to extend Klein’s attack and optimize it for usage against WEP. Using our version, it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good condition. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40 bit keys too with an even higher success probability.

If you have a wireless router and you’re using WEP encryption you need to switch to WPA1 or even better WPA2 right away. Otherwise your network’s traffic can be privy to anyone in range with the proper knowledge.

[aircrack-ptw via]

[tags]wifi, security, networking[/tags]