WEP key wireless cracking made easy

Code breakers have discovered a technique for extracting a 104-bit Wired Equivalent Privacy (WEP) key in under a minute. Cryptographic weaknesses with the first generation wireless encryption standard have been known for years, but the latest attack requires the capture of just a tenth of the number of packets required by …


This topic is closed for new posts.
  1. Alex Brooker

    Make it the default

    It has only been since wireless router vendors (or is it the broadband suppliers) have supplied equipment with WEP set up out of the box that most home networks have been protected at all. Most consumers can't be bothered to set up security - so save them the hassle with out-the-box WPA with a nice big key and a decent quick-start poster on linking your existing machines to it.

    A tip: Set up the IPs statically and leave the DHCP switched on, only ban all addresses the DHCP will provide. Couple this with WPA and MAC address filtering and it might take up to half an hour for the hacker to get in :)

  2. Anonymous Coward

    Gone in 60 seconds?

    It's either a conspiracy committed by the Bush administration to drain our computers of processing power so he can cluster them to put the final touches on his plan to become the evil overlord of the universe OR Microsoft was the original architect...

  3. Kris Kirkbride

    MILES easier... break into the house containing the router and with a pen, copy the WEP key off of the router/modem's barcode onto your hand, hey presto, free broadband in under 15 minutes.


  4. Ken Green

    Gone in 1800 seconds

    A tip: Set up the IPs statically and leave the DHCP switched on, only ban all addresses the DHCP will provide. Couple this with WPA and MAC address filtering and it might take up to half an hour for the hacker to get in :)

    Or alternatively set up the Wifi so that it only routes to your VPN server. Or better still both :-)

    What do you mean that most home users don't have a VPN server?

  5. Anonymous Coward

    WPA not much better

    WPA with a weak passphrase (like most people use) is easily broken with a deauthentication attack to capture the 4-way handshake between AP and client, which is handily encrypted with WEP. MAC filtering, bah, ifconfig takes 2 seconds to change a MAC address.

  6. Remy Redert

    Wireless security

    WPA-PSK, DHCP on, though not banned. MAC filtering is in place and I regularly take a peek at the DHCP client list to see if there's anything unusual.

    Unlike most, my wireless network is only up when I'm actually using it though, so there's a little less chance of someone trying to break in while I'm not paying attention.

  7. Anonymous Coward

    Weak passphrases

    "WPA with a weak passphrase (like most people use) is easily broken"

    Any encryption method with a weak passphrase is easily broken. People need to be educated into using a phrase and some numbers together.

    If education isn't possible, perhaps people need to be issued with physical keys of some kind that automatically assign a strong passphrase to the owner's devices.

  8. Jason Togneri

    Hasn't this been discussed before?

    If anyone is sad enough to go to the effort of breaking into your wireless network at home, then you evidently have a far greater problem than bandwidth leeching. Stalking, for example, or angry ex-girlfriends perhaps. After all, what on earth do you keep (apart from those two thousand pirated MP3s and that copy of VMWare) that is so secret?

  9. Alex Wood


    "Sweet: free Internet wherever I am" is what a theoretical laptop owner might say.

  10. Joe

    Home users don't care

    Most home users simply don't know, or don't care, and if they do it's not to stop professional hackers (we all know that's not possible!), it's to stop Fred from next door using your internet connection for free.

    So WEP with your surname as the password probably suffices for many...

  11. Gerhard Mack

    re: Hasn't this been discussed before?

    I don't know why people keep thinking they have nothing on their PCs worth having so no one would want to break in. It's not about the PCs on the network. It's about the outgoing internet connection.

    Wireless hot spots and corporate LANs are usually strictly filtered so not as useful as a home network which usually isn't. Given access to your network they can now do things that they wouldn't want traced back to themselves.

    The list includes:


    Attempting to break into other computers

    Viewing child porn. (they actually caught a guy doing this in Toronto)

    Any one of these will leave you in a "guilty until proven innocent" scenario as far as your ISP is concerned and may result in legal trouble as well.

  12. Andy

    Why use wireless?

    Why use wireless when wired is more secure? And less hassle.

  13. Martin Benson

    Why use wireless, he asks??

    "Why use wireless when wired is more secure?"

    You've obviously never had a teenage daughter sitting on the settee in the front room with her laptop, surfing the web, IM-ing her friends, doing her homework and watching telly all at the same time. She'll still try to do this even with a wired network, and after you've tripped over the trailing network connection across the room for the third time, you'll get wireless too.

  14. Graham Bartlett

    Why use wireless? simple...

    For people who rent, fixing up a wired network simply isn't an option (assuming you want your deposit back). Even for those that don't, setting up the wiring is non-trivial if you don't want your house to look like a workshop with wires stapled to the skirting boards. Digging channels in walls and drilling holes in floors for routing the CAT5 is not exactly the work of an afternoon - and nor is plastering over the aforesaid holes afterwards!

  15. Mad as a Bat

    Physical security is the way to go

    Go for the physical security option. A 500m exclusion zone patrolled by armed guards with instructions to shoot anyone seen carrying a laptop or PDA is the way to go. A 3m high solid earth bank around the house should stop those armed with directional antennas snooping from further afield.

  16. Roger Lee

    Why not have a laugh?

    Your neighbours aren't going to boost your Internet connection if it's no use to them.

    Check out:

    The basic approach this guy takes would probably be enough, but it wouldn't take much to make it far, far more offensive.

  17. Jonathan Adams

    WPA works?

    I've never had any luck getting WPA to work for any OS so far, maybe it's a bad implementation, maybe it's the fact that Windows doesn't like it, maybe it's the fact that the only other OS I use (Solaris) doesn't yet support it ...

    Even with the latest hack I'll still advise people to turn off WPA and use WEP.

  18. Damien Guard

    So what, we're using 128-bit

    Unless I'm mistaken the default WEP key size is 128-bit and of course every bit doubles the number of possibilities.

    Let's assume for just a second that the attack is scalable and the time taken simply doubles when the number of possibilities doubles.

    Starting with the premise of 1 minute for 104-bit and the fact there are 24-bits remaining between the 104-bit demonstration and the 128-bit reality that means we should double the 1 minute attack time 24 times.

    This gives us a result of 8,388,608 minutes or 139,810 hours or 5825 days or nearly 16 years.

    I wouldn't say 128-bit WEP is dead just yet although obviously improved attack mechanisms and faster CPUs will no doubt continue to erode it.


  19. nigel smithson

    104bit is 128bit.

    104-bit WEP is 128-bit WEP. It's a 104-bit key combined with a 24-bit Initialisation Vector, which equals 128 bits.

    Also it matters little how large your key is, if the implementation of the encryption is fundamentally flawed.
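
The key layout described in the comment above, as an added example that is not part of the original thread: each WEP frame seeds RC4 with a 24-bit IV followed by the 104-bit secret, and the IV travels in the clear, so two frames under the same IV share a keystream whatever the key length. The secret, IV, payloads and function names are constructed for illustration.

```python
import struct
import zlib

def rc4(seed: bytes, data: bytes) -> bytes:
    """RC4: key-schedule the seed, then XOR data with the keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def icv(payload: bytes) -> bytes:
    """WEP integrity check value: CRC-32 of the payload, little-endian."""
    return struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)

def wep_seed(iv: bytes, secret: bytes) -> bytes:
    """Per-frame RC4 seed: 24-bit IV followed by the 104-bit secret."""
    if len(iv) != 3 or len(secret) != 13:
        raise ValueError("expected a 3-byte IV and a 13-byte secret")
    return iv + secret

def wep_encapsulate(iv: bytes, secret: bytes, payload: bytes, key_id: int = 0) -> bytes:
    """Frame body: cleartext IV, key-ID byte, then RC4(payload || ICV)."""
    return iv + bytes([key_id << 6]) + rc4(wep_seed(iv, secret), payload + icv(payload))

def wep_decapsulate(secret: bytes, frame: bytes) -> bytes:
    """The receiver reads the IV straight from the frame, then checks the ICV."""
    clear = rc4(wep_seed(frame[:3], secret), frame[4:])
    if clear[-4:] != icv(clear[:-4]):
        raise ValueError("ICV mismatch")
    return clear[:-4]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

# Constructed sample values, not taken from any real network.
SECRET = bytes(range(1, 14))          # 13 bytes = 104 secret bits
IV = b"\x00\x00\x01"                  # 3 bytes = 24 bits, sent in the clear
MSG_A, MSG_B = b"constructed frame A", b"constructed frame B"
FRAME_A, FRAME_B = (wep_encapsulate(IV, SECRET, m) for m in (MSG_A, MSG_B))

if __name__ == "__main__":
    print("seed bits:", len(wep_seed(IV, SECRET)) * 8, "secret bits:", len(SECRET) * 8)
    print("same IV, same keystream:", xor(FRAME_A[4:], FRAME_B[4:])[:len(MSG_A)] == xor(MSG_A, MSG_B))
```
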

  20. Craig Collier

    Really, who cares?

    At work maybe, but even if my neighbours COULD get in to our wireless network, what on earth would they want out of it? I guess if they have a mythtv frontend on a linux box they could steal our tv, but then we do have two tuners, so we probably wouldn't notice :)

    I COULD break into a ford fiesta in two minutes, and that takes a lot less than a laptop and processing power. A simple brick and crowbar will do that, and you can buy those anywhere.
