The Final Nail in WEP?s Coffin

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Andrea Bittau Articles by Mark Handley Articles by Joshua Lackey

2006 IEEE Symposium on Security and Privacy (S&P'06)

Berkeley/Oakland, California

May 21-May 24

ISBN: 0-7695-2574-1

	ASCII Text	x
	Andrea Bittau, Mark Handley, Joshua Lackey, "The Final Nail in WEP?s Coffin," Security and Privacy, IEEE Symposium on, pp. 386-400, 2006 IEEE Symposium on Security and Privacy (S&P'06), 2006.

	BibTex	x
	@article{ 10.1109/SP.2006.40, author = {Andrea Bittau and Mark Handley and Joshua Lackey}, title = {The Final Nail in WEP?s Coffin}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2006}, issn = {1081-6011}, pages = {386-400}, doi = {http://doi.ieeecomputersociety.org/10.1109/SP.2006.40}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - The Final Nail in WEP?s Coffin SN - 1081-6011 SP386 EP400 A1 - Andrea Bittau, A1 - Mark Handley, A1 - Joshua Lackey, PY - 2006 KW - null VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Andrea Bittau, University College London

Mark Handley, University College London

Joshua Lackey, Microsoft

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.2006.40

The 802.11 encryption standard Wired Equivalent Privacy (WEP) is still widely used today despite the numerous discussions on its insecurity. In this paper, we present a novel vulnerability which allows an attacker to send arbitrary data on a WEP network after having eavesdropped a single data packet. Furthermore, we present techniques for real-time decryption of data packets, which may be used under common circumstances. Vendor produced mitigation techniques which cause frequent WEP re-keying prevent traditional attacks, whereas our attack remains effective even in such scenarios.

We implemented a fully automatic version of this attack which demonstrates its practicality and feasibility in real networks. As even rapidly re-keyed networks can be quickly compromised, we believe WEP must now be abandoned rather than patched yet again.

Citation:

Andrea Bittau, Mark Handley, Joshua Lackey, "The Final Nail in WEP?s Coffin," sp, pp.386-400, 2006 IEEE Symposium on Security and Privacy (S&P'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.