Faster WEP cracking

This post was published 5 years 1 month 1 day ago. Therefore, it may well be out of date. Do not rely on the contents of this post being accurate.

It turns out that WEP (the first generation wireless encryption standard) is more vulnerable to hacking than was previously thought.

Erik Tews, Andrei Pychkine and Ralf-Philipp Weinmann (cryptographic researchers in the Cryptography and Computer Algebra group at the Technical University of Darmstadt in Germany) have published a paper explaining how they have extended and refined previously known WEP vulnerabilities.

Using our version, it is possible to recover a 104 bit WEP key with probability 50% using just 40,000 captured packets. For 60,000 available data packets, the success probability is about 80% and for 85,000 data packets about 95%. Using active techniques like deauth and ARP re-injection, 40,000 packets can be captured in less than one minute under good conditions. The actual computation takes about 3 seconds and 3 MB main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40 bit keys too with an even higher success probability.

To summarise, there is a 50% probability that a WEP key can be discovered in around a minute, and a 95% probability that it can be uncovered in about two minutes, using a fairly standard PC to process the data (which takes only 3 seconds to do) and freely available tools!

So, any wannabe script-kiddie who searches Google for long enough can find out how to break your WEP in around a minute and gain access to your router/access point. Not desirable at all.

To protect your wireless network, use a version of WPA. The paper above advises:

Most wireless equipment vendors provide support for TKIP (also known as WPA1) and CCMP (also known as WPA2), which provide a much higher security level. All users should switch to WPA1 or even better WPA2.

Steve Gibson will be discussing this on next week’s Security Now podcast, scheduled for 27th April.

However, there’s no need to wait until then to change from WEP to WPA.
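As an added example (not from the original post or the paper), here is a small Python check that reads a hostapd-style access point configuration and flags the settings the advice above is about: WEP keys, TKIP-only or mixed ciphers, and a missing WPA2/RSN mode. It assumes the hostapd option names wep_key0..3, wep_default_key, wpa, wpa_pairwise and rsn_pairwise; the three sample configurations are constructed for illustration.

```python
# Constructed sample: the kind of WEP setup the post warns about (104-bit key).
WEAK = """
interface=wlan0
ssid=HomeNet
wep_default_key=0
wep_key0=0123456789ABCDEF0123456789
"""

# Constructed sample: WPA1/WPA2 mixed mode that still allows TKIP.
MIXED = """
ssid=HomeNet
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=TKIP CCMP
"""

# Constructed sample: the corrected setting, WPA2 with CCMP only.
FIXED = """
ssid=HomeNet
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=replace-with-a-long-random-passphrase
"""

def parse_config(text):
    """Parse key=value lines, skipping blanks and '#' comments."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition("=")
            cfg[key.strip()] = value.strip()
    return cfg

def audit(text):
    """Return ('ok', []) or ('change required', [reasons]) for one config."""
    cfg = parse_config(text)
    findings = []
    if "wep_default_key" in cfg or any(k.startswith("wep_key") for k in cfg):
        findings.append("WEP keys present: recoverable from ~40,000 captured packets")
    wpa = int(cfg.get("wpa", "0")) if cfg.get("wpa", "0").isdigit() else 0
    if wpa == 0:
        findings.append("no WPA/WPA2 enabled: traffic is open or WEP only")
    # hostapd uses wpa_pairwise for WPA1 and rsn_pairwise (falling back to
    # wpa_pairwise) for WPA2; check the union of both cipher lists.
    ciphers = set(cfg.get("wpa_pairwise", "").split())
    ciphers |= set(cfg.get("rsn_pairwise", cfg.get("wpa_pairwise", "")).split())
    if wpa and "TKIP" in ciphers:
        findings.append("TKIP (WPA1) allowed: prefer CCMP (WPA2) only")
    if wpa and not wpa & 2:
        findings.append("WPA2/RSN bit not set: use wpa=2 with rsn_pairwise=CCMP")
    if wpa and not ciphers:
        findings.append("no pairwise cipher set explicitly: set rsn_pairwise=CCMP")
    return ("change required", findings) if findings else ("ok", [])
```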

This entry was posted in Security.