IVs to Skip for Immunizing WEP against FMS Attack

Kazukuni KOBARA  Hideki IMAI  

IEICE TRANSACTIONS on Communications   Vol.E91-B   No.1   pp.164-171
Publication Date: 2008/01/01
Online ISSN: 1745-1345
DOI: 10.1093/ietcom/e91-b.1.164
Print ISSN: 0916-8516
Type of Manuscript: PAPER
Category: Fundamental Theories for Communications
RC4,  WEP,  IEEE802.11,  WLAN,  FMS attack,  

Full Text: PDF(1.4MB)>>
Buy this Article

The WEP (Wired Equivalent Privacy) is a part of IEEE 802.11 standard designed for protecting over-the-air communication. While almost all of the WLAN (Wireless LAN) cards and the APs (Access Points) support WEP, a serious key recovery attack (aka FMS attack) was identified by Fluhrer et al. The FMS attack can basically be prevented by skipping IVs (Initial Values) used in the attack, but naive skip methods reveal information on the WEP key since most of them depend on the WEP key and the patterns of the skipped IV reveal it. In order to skip IVs safely, the skip patterns must be chosen carefully. In this paper, we review the attack conditions (6) and (7), whose success probability is the highest, 0.05, amongst all known conditions to guess one key-byte from one packet. Then we identify their safe skip patterns.