
I'm working on an implementation of Klein's WEP attack.

For that, I've set up a router with WEP encryption and collected 50,000 unique IVs from it. I tried calculating only K[0], meaning the first byte of the key.

I ran over all my IVs and calculated the equation as the paper says, while keeping a record of the number of times each calculated value was repeated. Finally, I print the top 30 results.

My problem:

  1. The correct first byte of the key is not among the first 30 results.
  2. I keep getting negative numbers as keys.

Maybe there is something wrong with my calculation? Maybe I'm not understanding the algorithm properly?

I will put my code here if needed, but since the calculations are fairly simple, I think there is something else wrong.

I am using this as reference: http://www.item.ntnu.no/_media/people/personalpages/phd/anton/kleins_and_ptw_attacks_on_wep.pdf

Shai

1 Answer


I'm not a crypto expert, but I have looked into attacks on WEP. Assuming you've implemented the calculations correctly, there are two possible issues I'm aware of:

  1. Some keys are unusually difficult to crack, requiring far more IVs than normal. You may have picked one of them.
  2. The attack is a known-plaintext attack. Traditionally, the attack is performed using ARP packets because they can be identified easily and have a known prefix. The attack won't work if you've got more than a few non-ARP packets mixed in with your ARP packets.
Mark
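The following is an added, self-contained Python simulation of the key-recovery statistic the cited paper presents as Klein's attack; it is not code from the question, the answer, or the paper. It runs RC4 under a constructed 104-bit WEP-style key with random 3-byte IVs and tallies votes for K[3], the first secret key byte, because in WEP the IV occupies K[0..2] and Klein's estimate for K[i] consumes keystream byte X[i-1], with X[0..2] recoverable from the fixed LLC/SNAP prefix of an ARP frame. Every subtraction is reduced modulo 256; a bare `%` on a negative operand in C-like languages keeps the sign, which is a common source of negative "key bytes" in such implementations. The secret key, the IV generator, the seed and the IV count are constructed for the demo.

```python
import random
from collections import Counter

N = 256  # size of the RC4 permutation


def rc4_ksa(key):
    """Full RC4 key scheduling; returns the permutation S_256."""
    S = list(range(N))
    j = 0
    klen = len(key)
    for i in range(N):
        j = (j + S[i] + key[i % klen]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_keystream(key, nbytes):
    """First `nbytes` bytes of the RC4 keystream for `key`."""
    S = rc4_ksa(key)
    i = j = 0
    out = []
    for _ in range(nbytes):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return out


def ksa_prefix(known_prefix, steps):
    """Run only the first `steps` KSA rounds. They need key bytes 0..steps-1,
    which for steps == 3 is exactly the WEP IV. Returns (S_steps, j_steps)."""
    S = list(range(N))
    j = 0
    for i in range(steps):
        j = (j + S[i] + known_prefix[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S, j


def klein_candidate(S_i, j_i, i, x):
    """Klein's estimate of K[i] given S_i, j_i and keystream byte X[i-1] = x:
        K[i] = S_i^-1[(i - X[i-1]) mod n] - (j_i + S_i[i])   (mod n)
    Both subtractions are reduced with Python's %, which never yields a
    negative value. In C, Java or C# a % on a negative left operand keeps
    the sign, so the result must be brought back into 0..255 before voting."""
    pos = S_i.index((i - x) % N)  # S_i^-1[...]: S_i is a permutation
    return (pos - (j_i + S_i[i])) % N


def klein_votes(secret, n_ivs, i=3, seed=1):
    """Simulate n_ivs WEP frames under one secret key and tally Klein's
    candidate for K[i] over them. Key bytes 0..i-1 (IV plus any bytes
    recovered earlier) are treated as known, as the attack requires."""
    rng = random.Random(seed)  # constructed IVs; real ones come from captured frames
    votes = Counter()
    for _ in range(n_ivs):
        iv = [rng.randrange(N) for _ in range(3)]
        key = iv + list(secret)
        x = rc4_keystream(key, i)[i - 1]  # X[i-1]: known plaintext XOR ciphertext
        S_i, j_i = ksa_prefix(key, i)
        votes[klein_candidate(S_i, j_i, i, x)] += 1
    return votes


def rank_of(votes, value):
    """1-based position of `value` in the vote ranking (256 if it got no votes)."""
    ordered = [cand for cand, _ in votes.most_common()]
    return ordered.index(value) + 1 if value in votes else N


if __name__ == "__main__":
    secret = bytes.fromhex("0123456789abcdef0123456789")  # constructed 104-bit WEP key
    votes = klein_votes(secret, 80_000)
    print("top 10 candidates for K[3]:", votes.most_common(10))
    print("true K[3] = 0x%02x, rank %d" % (secret[0], rank_of(votes, secret[0])))
```

With 80,000 IVs the correct byte is hit about 1.36/256 of the time per frame versus roughly 1/256 for each wrong candidate, so it normally sits at rank 1 and clearly above the rest; the pure-Python run takes several seconds because every IV requires a full 256-step key schedule.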