Researchers: WEP no longer secure for wireless

View this article at: http://www.electronista.com/articles/07/04/04/wep.no.longer.secure/

Wednesday, Apr 04, 2007 12:45pm

Researchers: WEP no longer secure for wireless

Based at Darmstadt University in Germany, three researchers are suggesting that WEP is no longer a reliable security standard for wireless, InfoWorld reports. Their findings have been published in an official paper, which describes how a 104-bit WEP key can be extracted in approximately three seconds, with the necessary data being captured in less than a minute.

More importantly, perhaps, this can done with a 1.7GHz Pentium M processor -- substantially less power than has been needed in the past. While WEP vulnerabilities were first exposed in 2001, an attack required the accumulation of four million data packets, which took a substantial amount of processing to crack. Subsequent analysis reduced the packets needed, but only now has WEP become critically exposed. The Darmstadt group is recommending the use of two countermeasures: the first is an intrusion detection system, while the second is a cloak of "dummy" WEP keys, which hampers any predictive methods in an attack.