the final nail in wep s coffin
play

The Final Nail in WEPs Coffin Andrea Bittau 1 Mark Handley 1 Joshua - PowerPoint PPT Presentation

Dec 08, 2022 •276 likes •587 views

Introduction Fragmentation Attack Implementation Conclusion 1/19 The Final Nail in WEPs Coffin Andrea Bittau 1 Mark Handley 1 Joshua Lackey 2 May 24, 2006 1 University College London. 2 Microsoft. Wired Equivalent Privacy Introduction

  1. Introduction Fragmentation Attack Implementation Conclusion 1/19 The Final Nail in WEP’s Coffin Andrea Bittau 1 Mark Handley 1 Joshua Lackey 2 May 24, 2006 1 University College London. 2 Microsoft.

  2. Wired Equivalent Privacy Introduction Fragmentation Attack Implementation Conclusion 2/19 WEP is the 802.11 standard for encryption. Pre-shared key for whole network. Protects data privacy since data is encrypted. Access control: need key to transmit. In practice, only half of the networks are encrypted. In the subset of encrypted networks, WEP is most adopted. Popularity (%) of WEP and its alternatives based on our survey Region WEP WPA 802.11i London 76 20 4 Seattle region 85 14 1

  3. Goals when attacking WEP Introduction Fragmentation Attack Implementation Conclusion 3/19 Decrypt data in packets. Obtain access to the network by being able to transmit data. Recover the WEP key.

  4. Contribution Introduction Fragmentation Attack Implementation Conclusion 4/19 Today, millions of packets are required to break a WEP key. Our fragmentation attack allows: 1 Transmitting arbitrary data after eavesdropping a single data packet on an 802.11 WEP protected network. 2 Real-time decryption given that network is connected to Internet.

  5. Outline Introduction Fragmentation Attack Implementation Conclusion 5/19 Introduction 1 WEP Description WEP Attacks Fragmentation Attack 2 Transmission Decryption Implementation 3 Performance Evaluation Conclusion 4

  6. WEP operation Introduction Fragmentation Attack Implementation Conclusion 6/19 Data frame format Frame Body 802.11 Header CRC IV User Data ICV { { Initialization Vector CRC32 of user data Encryption keystream { IV + key RC4 0 1 0 1 { ⊕ seed Plain text 1 1 0 0 = 1 0 0 1 Cipher text

  7. History of WEP attacks Introduction Fragmentation Attack Implementation . . . and how the real problem was ignored Conclusion 7/19 Year 2000. Keystream attacks (independent of WEP key): Design flaw: WEP allows keystream reuse. Attacks were thought impractical: Need plain-text to recover keystream. Need 2 24 keystreams to decrypt all possible packets. Year 2001. Weak IV attacks (recover WEP key): Need millions of packets. Could take hours, and usually, days. Use EAP-based solutions to re-key, say, every ten minutes. Year 2006. Our contribution: fragmentation attack. Keystream attack which may be performed within minutes.

  8. History of WEP attacks Introduction Fragmentation Attack Implementation . . . and how the real problem was ignored Conclusion 7/19 Year 2000. Keystream attacks (independent of WEP key): Design flaw: WEP allows keystream reuse. Attacks were thought impractical: Need plain-text to recover keystream. Need 2 24 keystreams to decrypt all possible packets. Year 2001. Weak IV attacks (recover WEP key): Need millions of packets. Could take hours, and usually, days. Use EAP-based solutions to re-key, say, every ten minutes. Year 2006. Our contribution: fragmentation attack. Keystream attack which may be performed within minutes.

  9. History of WEP attacks Introduction Fragmentation Attack Implementation . . . and how the real problem was ignored Conclusion 7/19 Year 2000. Keystream attacks (independent of WEP key): Design flaw: WEP allows keystream reuse. Attacks were thought impractical: Need plain-text to recover keystream. Need 2 24 keystreams to decrypt all possible packets. Year 2001. Weak IV attacks (recover WEP key): Need millions of packets. Could take hours, and usually, days. Use EAP-based solutions to re-key, say, every ten minutes. Year 2006. Our contribution: fragmentation attack. Keystream attack which may be performed within minutes.

  10. Fragmentation attack Introduction Fragmentation Attack Implementation Outline Conclusion 8/19 Transmission 1 Recover a keystream. 2 Reuse the keystream to send arbitrary data. ❍❍❍❍❍❍❍❍ � � � ✠ ❥ Keystream-based decryption WEP key recovery Resend data through the AP to a Use transmission ability for buddy on the Internet. speeding up weak IV Recover the keystream used for attacks. encrypting the packet.

  11. Transmission Introduction Fragmentation Attack Implementation Recovering a short keystream Conclusion 9/19 If cipher-text & plain-text pair is known, their XOR is a keystream. Known plain-text (LLC/SNAP headers) in IP packets: 802.11 header 0xAA 0xAA 0x03 0x00 0x00 0x00 0x08 0x00

  12. Transmission Introduction Fragmentation Attack Implementation Recovering a short keystream Conclusion 9/19 If cipher-text & plain-text pair is known, their XOR is a keystream. Known plain-text (LLC/SNAP headers) in IP packets: 802.11 header 0xAA 0xAA 0x03 0x00 0x00 0x00 0x08 0x00 ⊕ Cipher-text 802.11 header = 8 bytes of keystream Can recover 8 bytes of keystream by eavesdropping a packet. Can encrypt (and transmit) 8 bytes of arbitrary data.

  13. Transmission Introduction Fragmentation Attack Implementation Sending arbitrarily long data Conclusion 10/19 802.11 supports MAC layer fragmentation. Transmit arbitrary data in 8 byte chunks. Fragmentation Data CRC32 } } Original plain-text & CRC. abcd efgh 1234 Fragments & CRC. efgh abcd 1983 1914 ⊕ ⊕ Keystream (IV x ). 1234 5678 1234 5678 = IV = } Encrypted frags. 2911 8305 1337 6667 x x

  14. Transmission Introduction Fragmentation Attack Implementation Sending arbitrarily long data Conclusion 10/19 802.11 supports MAC layer fragmentation. Transmit arbitrary data in 8 byte chunks. Fragmentation Data CRC32 } } Original plain-text & CRC. abcd efgh 1234 Fragments & CRC. efgh abcd 1983 1914 ⊕ ⊕ Keystream (IV x ). 1234 5678 1234 5678 = IV = } Encrypted frags. 2911 8305 1337 6667 x x

  15. Transmission Introduction Fragmentation Attack Implementation Sending arbitrarily long data Conclusion 10/19 802.11 supports MAC layer fragmentation. Transmit arbitrary data in 8 byte chunks. Fragmentation Data CRC32 } } Original plain-text & CRC. abcd efgh 1234 Fragments & CRC. efgh abcd 1983 1914 ⊕ ⊕ Keystream (IV x ). 1234 5678 1234 5678 = IV = } Encrypted frags. 2911 8305 1337 6667 x x

  16. Transmission Introduction Fragmentation Attack Implementation Sending arbitrarily long data Conclusion 10/19 802.11 supports MAC layer fragmentation. Transmit arbitrary data in 8 byte chunks. Fragmentation Data CRC32 } } Original plain-text & CRC. abcd efgh 1234 Fragments & CRC. efgh abcd 1983 1914 ⊕ ⊕ Keystream (IV x ). 1234 5678 1234 5678 = IV = } Encrypted frags. 2911 8305 1337 6667 x x

  17. Transmission Introduction Fragmentation Attack Implementation Sending arbitrarily long data Conclusion 10/19 802.11 supports MAC layer fragmentation. Transmit arbitrary data in 8 byte chunks. Fragmentation Data CRC32 } } Original plain-text & CRC. abcd efgh 1234 Fragments & CRC. efgh abcd 1983 1914 ⊕ ⊕ Keystream (IV x ). 1234 5678 1234 5678 = IV = } Encrypted frags. 2911 8305 1337 6667 x x

  18. Transmission Introduction Fragmentation Attack Implementation Recovering a longer keystream Conclusion 11/19 Discover a longer keystream to avoid sending many tiny packets: Send a long broadcast frame via multiple smaller fragments. AP relays it as a single packet. (New cipher & plain-text pair.) Keystream discovery IV Data CRC } } } Encrypted frags. 2911 8305 1337 6667 x x De-crypt & reassemble. abcd efgh 1234 Calculate entire CRC. ⊕ Keystream for IV y . 3141 5926 5358 = Relayed payload. y 2718 2818 2845

  19. Transmission Introduction Fragmentation Attack Implementation Recovering a longer keystream Conclusion 11/19 Discover a longer keystream to avoid sending many tiny packets: Send a long broadcast frame via multiple smaller fragments. AP relays it as a single packet. (New cipher & plain-text pair.) Keystream discovery IV Data CRC } } } Encrypted frags. 2911 8305 1337 6667 x x De-crypt & reassemble. abcd efgh 1234 Calculate entire CRC. ⊕ Keystream for IV y . 3141 5926 5358 = Relayed payload. y 2718 2818 2845

  20. Transmission Introduction Fragmentation Attack Implementation Recovering a longer keystream Conclusion 11/19 Discover a longer keystream to avoid sending many tiny packets: Send a long broadcast frame via multiple smaller fragments. AP relays it as a single packet. (New cipher & plain-text pair.) Keystream discovery IV Data CRC } } } Encrypted frags. 2911 8305 1337 6667 x x De-crypt & reassemble. abcd efgh 1234 Calculate entire CRC. ⊕ Keystream for IV y . 3141 5926 5358 = Relayed payload. y 2718 2818 2845

  21. Transmission Introduction Fragmentation Attack Implementation Recovering a longer keystream Conclusion 11/19 Discover a longer keystream to avoid sending many tiny packets: Send a long broadcast frame via multiple smaller fragments. AP relays it as a single packet. (New cipher & plain-text pair.) Keystream discovery IV Data CRC } } } Encrypted frags. 2911 8305 1337 6667 x x De-crypt & reassemble. abcd efgh 1234 Calculate entire CRC. ⊕ Keystream for IV y . 3141 5926 5358 = Relayed payload. y 2718 2818 2845

Recommend

Brexit The Final Nail In London Propertys Coffin WWW.MERCURYHOMESEARCH.COM 2000

Brexit The Final Nail In London Propertys Coffin WWW.MERCURYHOMESEARCH.COM 2000

Brexit The Final Nail In London Propertys Coffin WWW.MERCURYHOMESEARCH.COM 2000 Housing-market experts, from estate agents on the ground to analysts in the high-rise city banks, are agreed on one thing: this is more than the annual

297 views • 10 slides
dePSFrag, the final nail in the coffin Paulo Ney de Souza pauloney@gmail.com , Vadim Ponomarev

dePSFrag, the final nail in the coffin Paulo Ney de Souza pauloney@gmail.com , Vadim Ponomarev

Introduction dePSFrag, the final nail in the coffin Paulo Ney de Souza pauloney@gmail.com , Vadim Ponomarev vadim@cs.petrsu.ru , The 41 st Annual Conference of the TeX Users Group, 24-26 July 2020 Paulo Ney de Souza dePSFrag, the final nail in

343 views • 16 slides
NAIL GUN SAFETY NAIL GUN SAFETY Nail Guns Safety Nail Guns Safety A nail gun is an aptly

NAIL GUN SAFETY NAIL GUN SAFETY Nail Guns Safety Nail Guns Safety A nail gun is an aptly

NAIL GUN SAFETY NAIL GUN SAFETY Nail Guns Safety Nail Guns Safety A nail gun is an aptly named tool it operates like a hand gun, but shoots nails instead of bullets. Some Nail gun Facts: Powerful tools can fire up to nine

657 views • 36 slides
line Nail Ba Nail Bar Presen Presentat tation O ion Out utline Welcome / Introductio ns

line Nail Ba Nail Bar Presen Presentat tation O ion Out utline Welcome / Introductio ns

line Nail Ba Nail Bar Presen Presentat tation O ion Out utline Welcome / Introductio ns Thank your Host and give your Hostess her Host Gift for holding the Nail Bar on the original booking date. THRE THREE OPP E OPPOR ORTU TUNI

191 views • 3 slides
Coffin and Casket Collection www.keeganfuneraldirectors.co.uk Modern Funerals - Traditional

Coffin and Casket Collection www.keeganfuneraldirectors.co.uk Modern Funerals - Traditional

Modern Funerals - Traditional Values Coffin and Casket Collection www.keeganfuneraldirectors.co.uk Modern Funerals - Traditional Values Simple Cherry Coffin Cherry Veneer coffin, satin finish with flat lid and sides *Suitable for either

286 views • 14 slides
HEALTH AND SAFETY OF SOUTHEAST MICHIGAN NAIL SALONS Global problem, local lens Nail salon

HEALTH AND SAFETY OF SOUTHEAST MICHIGAN NAIL SALONS Global problem, local lens Nail salon

HEALTH AND SAFETY OF SOUTHEAST MICHIGAN NAIL SALONS Global problem, local lens Nail salon workers in the US are exposed to a large amount of cosmetic products on a daily basis that are often unregulated. 1 Exposures can lead to adverse

410 views • 7 slides
Nail Care for the Elderly by Emily Guerra Design for Aging Pratt Institute 2020 Nail Care for

Nail Care for the Elderly by Emily Guerra Design for Aging Pratt Institute 2020 Nail Care for

Nail Care for the Elderly by Emily Guerra Design for Aging Pratt Institute 2020 Nail Care for the Elderly Emily Guerra How can nail care be done safely? Nail care is very important, especially as we age because it afgects our overall health.

393 views • 15 slides
"T "To a man with a hammer, ith h everything looks like a nail everything looks like

"T "To a man with a hammer, ith h everything looks like a nail everything looks like

Topic 9 Introduction to Recursion I t d ti t R i Underneath the Hood. "T "To a man with a hammer, ith h everything looks like a nail everything looks like a nail" -Mark Twain Mark Twain CS 307 Fundamentals of CS 307

369 views • 14 slides
"To a man with a hammer, "T ith h everything looks like a nail" everything

"To a man with a hammer, "T ith h everything looks like a nail" everything

Topic 9 Introduction to Recursion I t d ti t R i "To a man with a hammer, "T ith h everything looks like a nail" everything looks like a nail -Mark Twain Mark Twain CS 307 Fundamentals of 1 Computer Science

664 views • 55 slides
the fingertip "Thumbnail1" by Kommissar - Own work. Licensed under CC0 via Commons -

the fingertip "Thumbnail1" by Kommissar - Own work. Licensed under CC0 via Commons -

the fingertip "Thumbnail1" by Kommissar - Own work. Licensed under CC0 via Commons - https://commons.wikimedia.org/wiki/ File:Thumbnail1.jpg#/media/File:Thumbnail1.jpg nail fold cuticle/eponychium nail fold lunula nail fold nail

903 views • 11 slides
HAIR AND NAIL CUP FINLAND 2019 18-19 OCTOBER 2019 MESSUKESKUS HELSINKI FIRST CMC FINLAND CUP OPEN

HAIR AND NAIL CUP FINLAND 2019 18-19 OCTOBER 2019 MESSUKESKUS HELSINKI FIRST CMC FINLAND CUP OPEN

HAIR AND NAIL CUP FINLAND 2019 18-19 OCTOBER 2019 MESSUKESKUS HELSINKI FIRST CMC FINLAND CUP OPEN INTERNATIONAL FOR HAIR, NAIL ART CHAMPIONSHIPS 2019 (DIRECTED BY CONFEDERATION MONDIALE COIFFURE, CMC) 2 WELCOME We are happy to announce the

422 views • 16 slides
Welcome Laurie Coffin Percona Be Social! Download the App! App features include: Up-to-date

Welcome Laurie Coffin Percona Be Social! Download the App! App features include: Up-to-date

Welcome Laurie Coffin Percona Be Social! Download the App! App features include: Up-to-date conference guide: all information about sessions, speakers and sponsors Create your personalized schedule with alarms Internal social

507 views • 9 slides
Nail 1 to ai solve if Sof can we IP with I Tri O ti the M C recurrent is positive

Nail 1 to ai solve if Sof can we IP with I Tri O ti the M C recurrent is positive

Birth death chain Problem Markov chain Consider with Xn a State space with 91,2 fi i if j ki i qi else 0 where Pit Kiyo Wifi Qi 70 e Positive recurrent Find a chain Is the a Justify b the chain Is reversible pi Po Nail

370 views • 7 slides
The Buncombe Turnpike As Presented by Dianne Janis of the Mary Coffin Starbuck Chapter

The Buncombe Turnpike As Presented by Dianne Janis of the Mary Coffin Starbuck Chapter

The Buncombe Turnpike As Presented by Dianne Janis of the Mary Coffin Starbuck Chapter Colonial Dames xvii Century At the Dunroy on Rutledge Homeowners Association Annual Meeting 6 December 2017

562 views • 6 slides
Pilbara..munu jarngu Juli Coffin CUCRH ACKNOWLEDGE Traditional owners/custodians

Pilbara..munu jarngu Juli Coffin CUCRH ACKNOWLEDGE Traditional owners/custodians

Smoke Free Kids in the Pilbara..munu jarngu Juli Coffin CUCRH ACKNOWLEDGE Traditional owners/custodians Community values, trust, stories and traditions that we carry with us on our journey Symposium committee Research team

816 views • 42 slides
Trusts & Mortgaging Property held in Trust Gary A. Coffin, Director of Client Education

Trusts & Mortgaging Property held in Trust Gary A. Coffin, Director of Client Education

Trusts & Mortgaging Property held in Trust Gary A. Coffin, Director of Client Education Market Street Settlement Group, LLC Horizon Settlement Services Accredited Real Estate Academy Proprietary information, do not distribute or use

532 views • 17 slides
Water Based and Odour Free Nail Polish Acquarella Polish - offers a high quality, chemicals free

Water Based and Odour Free Nail Polish Acquarella Polish - offers a high quality, chemicals free

Water Based and Odour Free Nail Polish Acquarella Polish - offers a high quality, chemicals free nail polish based on natural ingredients. The special water-based formula hydrates your nails and allows them to breathe, prevents from chipping,

350 views • 10 slides
cooling circuit plumb line tubing joints sealing sheets temperature probes coffin casings and

cooling circuit plumb line tubing joints sealing sheets temperature probes coffin casings and

one of many types column steel reinforcement earth network of concrete piping for monitoring cooling circuit plumb line tubing joints sealing sheets temperature probes coffin casings and primary and secondary injection network OPTIMIZATION OF

358 views • 34 slides
SPUR - Thinking Big in Downtown Oakland Opportunity Hub Rich Coffin, Principal July 10, 2019

SPUR - Thinking Big in Downtown Oakland Opportunity Hub Rich Coffin, Principal July 10, 2019

SPUR - Thinking Big in Downtown Oakland Opportunity Hub Rich Coffin, Principal July 10, 2019 California Dreaming Core Mega 2050 Capacity Region Plans SPUR Thinking Big in Downtown Oakland 2 Think Local Economic Opportunity

617 views • 22 slides
COM-002-2 Communications and Coordination February 27, 2014 Lonnie Lindekugel ~ SPP Jim Nail ~

COM-002-2 Communications and Coordination February 27, 2014 Lonnie Lindekugel ~ SPP Jim Nail ~

COM-002-2 Communications and Coordination February 27, 2014 Lonnie Lindekugel ~ SPP Jim Nail ~ City of Independence INTRODUCTION NERC Reliability Standard COM-002-2 (Communications and Coordination) serves an important purpose by requiring

278 views • 11 slides
"To a man with a hammer, everything looks like a nail" -Mark Twain Underneath the

"To a man with a hammer, everything looks like a nail" -Mark Twain Underneath the

Topic 12 Introduction to Recursion "To a man with a hammer, everything looks like a nail" -Mark Twain Underneath the Hood. CS314 Recursion 2 The Program Stack When you invoke a method in your code what happens when that

728 views • 50 slides
Imagine this: a Web without servers ??? Tara Vancil The Web, p2p protocols, nail art -

Imagine this: a Web without servers ??? Tara Vancil The Web, p2p protocols, nail art -

Imagine this: a Web without servers ??? Tara Vancil The Web, p2p protocols, nail art - taravancil.com - beakerbrowser.com @taravancil taravancil.com/nails Tara Vancil The Web, p2p protocols, nail art - taravancil.com -

1.2k views • 65 slides
"To a man with a hammer, everything looks like a nail" -Mark Twain CS314 Recursion 2

"To a man with a hammer, everything looks like a nail" -Mark Twain CS314 Recursion 2

Topic 12 Underneath the Hood. Introduction to Recursion "To a man with a hammer, everything looks like a nail" -Mark Twain CS314 Recursion 2 The Program Stack method1 and method2 // in class Mice When you invoke a method in

404 views • 13 slides
2020-21 Budget and School Fees Presentation and Engagement Dr. E. W. Coffin School Where Does

2020-21 Budget and School Fees Presentation and Engagement Dr. E. W. Coffin School Where Does

[Customize with your logo if you wish] 2020-21 Budget and School Fees Presentation and Engagement Dr. E. W. Coffin School Where Does CBE Funding Come From? For the 2020-21 school year: 93 per cent of funding will come from the

508 views • 18 slides

More recommend