2

I'm trying to learn about WEP attacks at the moment. I know that attacks against WEP require collisions of the initialization vectors. Is there a way to determine how long it would take for the vectors to be exhausted on 802.11b/g/n networks before an IV repeats? Let's say the data portion of the frame is 1500 bytes and the max bandwidth is being fully used by the frames.

Trying to figure out an equation. Working with 802.11b here. So the max bandwidth is 11Mbps. 1500 byte packet. IV's are 24 bit. So doing some conversion, here's a formula I came up with but I feel like I'm missing a number which I labeled as 'x'.

1500 * (x / (11 * 10^6)) * 2^24 = time in seconds

Wait..24 bit is 3 bytes so, x would equal 8?

so the equation is now 

1500 * (8 / (11 * 10^6)) * 2^24 = 18000 seconds

Does this seem correct?

pfinferno
  • 121
  • 2
  • This can give you some insight http://security.stackexchange.com/questions/41702/how-do-poor-quality-initialization-vectors-affect-the-security-of-cbc-mode?rq=1 – Krishna Pandey Nov 30 '15 at 14:42
  • Thanks. Still having some issues figuring it out. It looks like there's an equation to be formed to figure it out, I'm just having trouble with that. – pfinferno Nov 30 '15 at 23:50
  • Your numbers are a bit off. 11 megabit 802.11b doesn't have a max bandwidth of 11 megabit, that's the raw rate. Realistically it's more like half that. – Steve Sether Dec 01 '15 at 01:19
  • Yeah but just given that the full bandwidth supported is actually being used, it would be 11 right? – pfinferno Dec 01 '15 at 02:47
  • no, as Steve said, it would be a bit less than half that. The maximum bandwidth usable for traffic is a lot less than the raw bandwidth. – Rory Alsop Dec 19 '15 at 01:35

0 Answers0