International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Breaking 104 bit WEP in less than 60 seconds

Erik Tews
Ralf-Philipp Weinmann
Andrei Pyshkin
Search ePrint
Search Google
Abstract: We demonstrate an active attack on the WEP protocol that is able to recover a 104-bit WEP key using less than 40.000 frames in 50% of all cases. The IV of these packets can be randomly chosen. This is an improvement in the number of required frames by more than an order of magnitude over the best known key-recovery attacks for WEP. On a IEEE 802.11g network, the number of frames required can be obtained by re-injection in less than a minute. The required computational effort is approximately 2^{20} RC4 key setups, which on current desktop and laptop CPUs is neglegible.
  title={Breaking 104 bit WEP in less than 60 seconds},
  booktitle={IACR Eprint archive},
  keywords={RC4, WEP, cryptographic protocols, cryptanalysis},
  note={ 13772 received 1 Apr 2007, last revised 16 Sep 2007},
  author={Erik Tews and Ralf-Philipp Weinmann and Andrei Pyshkin},