Date Added: Nov 2010
The authors put on display an active attack on the WEP protocol that is able to recover a 64-bit WEP key using 5000 capture packets with a success probability of 90%. In order to succeed 100% in all cases, more than 5000 packets are needed. The IV of these packets can be randomly chosen. This is an improvement in the number of required frames by more than an order of level over the best known key-recovery attacks for WEP. In this paper they demonstrate the security flaws of Wireless LAN by cracking 64 bit WEP key on Wi-Fi access points using Backtrack, a live Linux distribution. They attack the Wi-Fi AP, making it generate packets for the cracking effort, finally cracking the WEP key successfully.