DEF CON 15 - Vivek Ramachandran - The Emperor Has No Cloak
Vivek Ramachandran: The Emperor Has No Cloak ? WEP Cloaking Exposed
WEP Cloaking is a recently proposed anti-WEP-cracking technique that is claiming to be the savior of legacy WLAN devices still replying on WEP encryption. The WEP Cloaking mechanism is meant to be used in Wireless Intrusion Prevention Systems (WIPS) to protect WEP encrypted networks. The WEP Cloaking technique sends spoofed WEP encrypted packets a.k.a. ?chaff? into the air.
These packets are specially crafted to try and confuse WEP cracking tools which subsequently would fail to crack the WEP key. In course of our talk, we will demonstrate that WEP Cloaking is no panacea; it can at best delay WEP key cracking by a few seconds. We will discuss 3 techniques: Visual Inspection, Sequence number + IV filtering, and Active Frame Replay to reliably beat WEP Cloaking. We also plan to release new tools and patches for existing ones to incorporate these techniques.
Vivek Ramachandran is a member of security research team at AirTight Networks. His current focus is on 802.11 security -- both threats and countermeasures. In 2006, Vivek was featured in the "India Top 10" list of the Microsoft Security Shootout contest (web application security) among a reported 65,000 participants. He has delivered talks and tutorials in security conferences and workshops, and has published case studies and original research papers in DDoS mitigation and arp spoofing detection. Vivek is a graduate in Electronics and Communications from the Indian Institute of Technology, Guwahati.
WEP Cloaking is a recently proposed anti-WEP-cracking technique that is claiming to be the savior of legacy WLAN devices still replying on WEP encryption. The WEP Cloaking mechanism is meant to be used in Wireless Intrusion Prevention Systems (WIPS) to protect WEP encrypted networks. The WEP Cloaking technique sends spoofed WEP encrypted packets a.k.a. ?chaff? into the air.
These packets are specially crafted to try and confuse WEP cracking tools which subsequently would fail to crack the WEP key. In course of our talk, we will demonstrate that WEP Cloaking is no panacea; it can at best delay WEP key cracking by a few seconds. We will discuss 3 techniques: Visual Inspection, Sequence number + IV filtering, and Active Frame Replay to reliably beat WEP Cloaking. We also plan to release new tools and patches for existing ones to incorporate these techniques.
Vivek Ramachandran is a member of security research team at AirTight Networks. His current focus is on 802.11 security -- both threats and countermeasures. In 2006, Vivek was featured in the "India Top 10" list of the Microsoft Security Shootout contest (web application security) among a reported 65,000 participants. He has delivered talks and tutorials in security conferences and workshops, and has published case studies and original research papers in DDoS mitigation and arp spoofing detection. Vivek is a graduate in Electronics and Communications from the Indian Institute of Technology, Guwahati.
Comments
Post a Comment