A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP)
ACM Transactions on Information and System Security (TISSEC)
The Final Nail in WEP's Coffin
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Attacks on the RC4 stream cipher
Designs, Codes and Cryptography
Breaking 104 Bit WEP in less than 60 seconds
WISA'07 Proceedings of the 8th international conference on Information security applications
Automating the injection of believable decoys to detect snooping
Proceedings of the third ACM conference on Wireless network security
Privacy is essential for secure mobile devices
IBM Journal of Research and Development
SecureAngle: improving wireless security using angle-of-arrival information (poster abstract)
Proceedings of the ACM SIGCOMM 2010 conference
SecureAngle: improving wireless security using angle-of-arrival information
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
Mapping the urban wireless landscape with Argos
Proceedings of the 8th ACM Conference on Embedded Networked Sensor Systems
Discovery and exploitation of new biases in RC4
SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Ideal key derivation and encryption in simulation-based security
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
Crypt analysis of two time pads in case of compressed speech
Computers and Electrical Engineering
Statistical attack on RC4 distinguishing WPA
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
SkyNET: a 3G-enabled mobile attack drone and stealth botmaster
WOOT'11 Proceedings of the 5th USENIX conference on Offensive technologies
Composition theorems without pre-established session identifiers
Proceedings of the 18th ACM conference on Computer and communications security
Data obfuscation with network coding
Computer Communications
Practical verification of WPA-TKIP vulnerabilities
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Secure mobile assessment of deaf and hard-of-hearing and dyslexic students in higher education
Proceedings of the 17th Panhellenic Conference on Informatics
SecureArray: improving wifi security with fine-grained physical-layer information
Proceedings of the 19th annual international conference on Mobile computing & networking
A system for generating and injecting indistinguishable network decoys
Journal of Computer Security
Hi-index | 0.00 |
In this paper, we describe two attacks on IEEE 802.11 based wireless LANs. The first attack is an improved key recovery attack on WEP, which reduces the average number of packets an attacker has to intercept to recover the secret key. The second attack is (according to our knowledge) the first practical attack on WPA secured wireless networks, besides launching a dictionary attack when a weak pre-shared key (PSK) is used. The attack works if the network is using TKIP to encrypt the traffic. An attacker, who has about 12-15 minutes access to the network is then able to decrypt an ARP request or response and send 7 packets with custom content to network.