Wednesday, April 04, 2007

Ah-OOO-GAH! Security Alert on Wi-Fi!

Well, we all knew "Wired Equivalent Privacy" was a rather baldfaced lie. But now 104-bit WEP can be cracked in just a minute or two's worth of capture time, and three seconds of subsequent processing.



http://eprint.iacr.org/2007/120.pdf



A quick scan does not clue me as to how the 3 seconds of processing time (that on a 1.7 GHz single-core laptop) would scale as one moves from a 104-bit to a 128-bit key. If it goes up by a factor of 2^24, that's not so bad, almost a year and a half of compute time. Assuming linear parallelization and an eight-core, 3.4 GHz machine, a little over a month. But that's a long string of assumptions.



Guess it's time to go buy that WPA-capable router. Sure hope that's what our university IT Wi-Fi is using...but I bet it's not.





1 Comments:

Blogger David Dossot said...

I have stopped using WEP for at least a year, since the first rumors of its upcoming breaking.

I simply use MAC address filtering and do not broadcast the SSID. This saves me the overhead of the (now useless) encryption/decryption process, keeps my neighbors away from my LAN but definitively does not keep a motivated intruder from it.

5:11 PM  

Post a Comment

<< Home