Der Vortrag beschreibt das WEP-Verfahren und geht auf wesentliche
Design- und Implementationsschwächen des Protokolls ein.
Im Ausblick werden die Alternativen WPA und WPA2 (IEEE 802.11i)
kurz vorgestellt.
Veranstaltung: C3D2-Themenabend
"WLAN - Was nicht auf der Verpackung steht"
(12.3.2004)
$ python checkkeygen.py -h
The script is intended to demonstrate the flaw of some
40-Bit-Wep-Key generators, which is described in Tim
Newsham's paper "Applying known techniques to WEP Keys".
=====================================================
= Under no circumstances, DON'T EVEN THINK ABOUT, =
= to use this script to generate WEP-Keys !!!! =
=====================================================
Usage:
checkkeygen.py [options] [passphrase]
options:
-h this help
-v set verbosity (0,1,2,3)
-m modulo value of the LCPRNG (*)
-a multiplier value (*)
-c offset constant (*)
-t number of values to put in trash, before key
generation (*)
passphrase:
string, set in parantheses, if it contains spaces, e.g.
"this is a string which contains spaces"
(*) The values can be expressions, because they are expanded
with eval(), e.g. "2L**32" or "2L**32-1" or "0x123435"
[Interop]
InteropNetLabs:
What's Wrong With WEP?
(siehe auch hier)
[Whalen] Sean Whalen: Analysis of WEP and RC4 Algorithms
[BoGoWa] Borisov, Goldberg, Wagner: Security of the WEP algorithm
[StIoRu] Stubblefield, Ioannidis, Rubin: Using the Fluhrer, Mantin, and Shamir Attack to Break WEP
[RWeiss] Rüdiger Weiss: Wave-LAN: Wireless Encryption Placebo
[Newsham] Tim Newsham: Cracking WEP Keys - Applying known techniques to WEP Keys
[Eaton] (broken) Dennis Eaton: WLAN Security
[Eaton1] Dennis Eaton: 80211 Security
[ChrLink] Christian Link: 802. 11 (In) Security Overview