Network encryption cracking
Network encryption cracking is the breaching of network encryption (e.g., WEP, WPA, ...), usually through the use of special encryption cracking software. It may be done through a range of attacks (active and passive) including injecting traffic, decrypting traffic, and dictionary-based attacks.

Methods

As mentioned above, several types of attacks are possible. More precisely they are:
  • Decrypting traffic based on tricking access points (active attack)
  • Injecting traffic based on known plaintext (active attack)
  • Gathering traffic and performing brute force/dictionary based attacks
  • Decrypting traffic using statistical analysis (passive attack)

Injecting traffic

Injecting traffic means inserting forged encrypted messages into the network. It may be done if the key is known (to generate new messages) or, if the key is not known, when an encrypted message and its plaintext have been gathered, through comparison of the two. Programs able to do the latter are Aireplay and WepWedgie.
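
In WEP, comparing an encrypted frame with its plaintext yields the keystream only for the IV carried by that frame, so frames forged from it must repeat that IV. The following is an added example, not part of the original article: a Python check that flags a transmitter repeating one IV within a short window. The record format, MAC addresses, window and threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

# Constructed sample records (not a real capture): time in seconds,
# transmitter MAC, 24-bit WEP IV as hex, frame length in bytes.
SAMPLE = """\
0.00 02:00:00:00:00:0a 1f3a01 98
0.01 02:00:00:00:00:0a 1f3a02 1460
0.02 02:00:00:00:00:0b a0b1c2 68
0.03 02:00:00:00:00:0b a0b1c2 68
0.04 02:00:00:00:00:0a 1f3a03 98
0.05 02:00:00:00:00:0b a0b1c2 68
0.06 02:00:00:00:00:0b a0b1c2 68
0.07 02:00:00:00:00:0a 1f3a04 512
0.08 02:00:00:00:00:0b a0b1c2 68
9.00 02:00:00:00:00:0a 1f3a01 98
"""

def parse(text):
    """Yield (time, transmitter, iv) tuples from the record format above."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed lines
        ts, mac, iv, _length = fields
        yield float(ts), mac.lower(), int(iv, 16)

def find_iv_reuse(records, window=1.0, threshold=4):
    """Return {(transmitter, iv): highest count seen within `window` seconds}
    for every pair whose count reaches `threshold` (both values are assumed)."""
    recent = defaultdict(deque)  # (mac, iv) -> timestamps still inside the window
    flagged = {}
    for ts, mac, iv in records:
        q = recent[(mac, iv)]
        q.append(ts)
        while ts - q[0] > window:  # drop sightings older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged[(mac, iv)] = max(flagged.get((mac, iv), 0), len(q))
    return flagged

if __name__ == "__main__":
    for (mac, iv), n in find_iv_reuse(parse(SAMPLE)).items():
        print(f"{mac} reused IV {iv:06x} {n} times within 1 s")
```

A station that increments or randomizes its IV, like the first transmitter in the sample, is not flagged even when an IV recurs seconds later.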

Decrypting

Decryption often requires two tools: one for gathering packets and another for analysing the packets and determining the key. Gathering packets may be done with tools such as WireShark and Prismdump, and cracking may be done with tools such as WEPCrack, AirSnort, AirCrack, and WEPLab.

A large number of packets often has to be gathered before cracking can be performed. Depending on the attack used, 5-16 million frames may be required. The attack command itself, however, is surprisingly simple.

WEPCrack

The commands to be entered for WEPCrack are:

perl \progra~1\wepcrack\pcap-getIV.pl

This command generates a log file (ivfile.log) from a packet capture obtained by WireShark or prismdump. A capture with at least 5 million frames is required.

perl \progra~1\wepcrack\wepcrack.pl ivfile.log

This command asks WEPCrack to determine the key from the log file.

AirCrack

AirCrack is another program that is even simpler to use, as no commands need to be entered; instead the user is asked to type in some parameters and click some buttons.

First airodump is started to gather the packets; for this the channel and MAC filter are asked for, yet the user does not need to know them per se (instead 0 and p may be entered respectively). Then AirCrack is started, the file just created by airodump is opened, a 0 needs to be entered and the program determines the key.

AirSnort

AirSnort is an even simpler program, as it is completely interface-based. As the attack is only a simple brute-force attack, however, cracking the encryption can take a while (from several days to a few weeks). Especially if traffic is low (only 4 users or so on the network), the cracking will take at least 2 weeks.

Comparison of tools

A comparison of the tools noted above may be found at Security Focus.
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 