
Ask HN: How does WEP cracking work? - DaemonXI
I downloaded the BackTrack 4 LiveCD and ran it on my own router using the instructions in a couple Youtube videos and online guides.<p>I understand the basic principles:
* find interface and AP info
* dump all packets sniffed from target AP
* run fake authentication attack
* use ARP request replay to generate IVs for cracking
* crack collected packets once you have enough<p>I understand HOW to do it, but not how it works. I don't understand why I have to do a fake authentication attack, or what kind of packets aireplay-ng -3 generates and why they're useful, or how the crack itself works at the end.<p>Can anyone shed a little light on the process? The pages I've found only detail how to do it, not why they work, and the Wiki pages I've found are too in-depth to be grokable.
======
Saavedro
WEP uses the RC4 cipher. The RC4 cipher generates pseudorandom bytes to XOR
(mix) with your data to create the encrypted data. It generates these using an
algorithm that "shuffles" the numbers 0-255 around in an array.

The initial arrangement of this array is derived from the key, by what is
called a Key Scheduling Algorithm. In certain cases, this key scheduling
algorithm can be worked backwards from the output of RC4 (the pseudorandom
data) (if you can figure out enough about what the state of the array is) to
get the key.

It is not secure to use the same key twice when doing symmetric crypto, so an
Initialization Vector (just some extra data that is different for each
message) is usually combined with the "key" to create a new key for each
message. The IV is not a secret and usually sent along with the message in
plaintext since you have to know the rest of the key anyway. However, in RC4,
certain IVs cause working the Key Scheduling Algorithm backwards to be much
easier.

All of the fake-auth attacks, deauths, and whatnot that aircrack does are for
forcing machines on the network to generate more packets, because that
increases the chance a packet will have a "weak" IV.

[http://en.wikipedia.org/wiki/Fluhrer,_Mantin_and_Shamir_atta...](http://en.wikipedia.org/wiki/Fluhrer,_Mantin_and_Shamir_attack)

~~~
ErrantX
To expand more on this great answer; the point of the deauth attack ans so
forth are designed to generate a large number of IV's with which to work on.

The idea is that you can use weak IV's (as described above) to attack the
subsequent bytes in the encryption key. The important thing to know is that
the next byte cannot be definitively calculated - you can only calculate a
possible value. The reason a lot of weak IV's is needed is so you can perform
the same attack multiple times - at which point the correct byte value will
appear much more often than any other value.

(incidentally; the theory behind it is actually pretty simple but you do have
to be up on your encryption terminology for it to make sense on first reading
:) when I learned all this from scratch it took me ages to get my head round
it)

------
mertenz
This appears to be a good read on the topic:
[http://www.wifiplanet.com/tutorials/article.php/1368661/8021...](http://www.wifiplanet.com/tutorials/article.php/1368661/80211-WEP-
Concepts-and-Vulnerability.htm)

Hope that helps

------
jc-denton
Can't u google it urself?

------
jordyhoyt
Why is this here?

~~~
js4all
Look at the name, its called Hacker News.

~~~
Concours
Yeah, Hacker News NOT Cracker News , we create stuff, we don't crack stuff.

~~~
Concours
care to elaborate the downvotes?

~~~
mquander
I downvoted you because you are drawing a meaningless distinction. "We" crack
lots of stuff. The methodology behind cracking WEP is interesting, accessible,
and worth understanding. It's a perfectly appropriate topic.

------
Concours
DaemoXI , I knew you were a new user just by reading your question. This is
called hacker news, NOT cracker news. You should read the Guidelines or look
around (front page) to see what the site is about.

~~~
blasdel
And you in turn out yourself as a clueless interloper with your ninnying
prescriptivism!

ESR's edicts on nomenclature hold no sway over this community, nor really any
other. His attempt to parlay any negative implications onto the word 'cracker'
have only ever been taken seriously by affected noobs.

~~~
Concours
Thanks for your elaboration, I don't know what you are exactly talking about
but I respect your views.

~~~
patrickk
ESR = Eric Stephen Raymond.

Wikipedia: <http://en.wikipedia.org/wiki/Eric_S._Raymond>

Here's the "How to Become a Hacker" essay that contain's ESR's definition of a
hacker vs. a cracker:

<http://catb.org/esr/faqs/hacker-howto.html>

