论文信息 - IVs to Skip for Immunizing WEP against FMS Attack

IVs to Skip for Immunizing WEP against FMS Attack

The WEP (Wired Equivalent Privacy) is a part of IEEE 802.11 standard designed for protecting over-the-air communication. While almost all of the WLAN (Wireless LAN) cards and the APs (Access Points) support WEP, a serious key recovery attack (aka FMS attack) was identified by Fluhrer et al. The FMS attack can basically be prevented by skipping IVs (Initial Values) used in the attack, but naive skip methods reveal information on the WEP key since most of them depend on the WEP key and the patterns of the skipped IV reveal it. In order to skip IVs safely, the skip patterns must be chosen carefully. In this paper, we review the attack conditions (6) and (7), whose success probability is the highest, 0.05, amongst all known conditions to guess one key-byte from one packet. Then we identify their safe skip patterns.

Kazukuni Kobara | Hideki Imai

[1] John Ioannidis,et al. A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP) , 2004, TSEC.

[2] Voon Chin Phua,et al. Wireless lan medium access control (mac) and physical layer (phy) specifications , 1999 .

[3] Virtual Bridged,et al. IEEE Standards for Local and Metropolitan Area Networks: Specification for 802.3 Full Duplex Operation , 1997, IEEE Std 802.3x-1997 and IEEE Std 802.3y-1997 (Supplement to ISO/IEC 8802-3: 1996/ANSI/IEEE Std 802.3, 1996 Edition).

[4] Itsik Mantin,et al. A Practical Attack on the Fixed RC4 in the WEP Mode , 2005, ASIACRYPT.

[5] S. Fluhrer,et al. Attacks on RC4 and WEP , 2002 .

[6] Adi Shamir,et al. Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[7] T. Ohigashi,et al. Most IVs of FMS Attack-Resistant WEP Implementation Leak Secret Key Information , 2005 .

[8] Wi-Fi Alliance,et al. Wi-Fi protected access , 2003 .

[9] Kazukuni Kobara,et al. Key-Dependent Weak IVs and Weak Keys in WEP - How to Trace Conditions Back to Their Patterns - , 2006, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..