Cafe Latte
1 like609 views
The document summarizes the Café Latte attack, which allows retrieving WEP keys from isolated "road warrior" clients. It works by tricking the client into associating with a honeypot access point brought up by the attacker, even when the actual network is not present. This causes the client to generate encrypted packets that can be collected and cracked to recover the WEP key stored in its preferred network list, without needing proximity to the real network. The attack represents an evolution from traditional WEP cracking approaches that required the attacker to be near the target network.
Cafe Latte
- 1. Vivek Ramachandran MD Sohail Ahmad www.airtightnetworks.net Cafe Latte with a Free Topping of Cracked WEP - Retrieving WEP Keys From Road-Warriors
- 2. Talk Outline WEP Cracking – a quick primer Debunking the myths of WEP Cracking – Café Latte Café Latte - Attack Background Café Latte – Detailed Analysis Countermeasures against Café Latte Conclusions Q&A
- 3. Cracks in WEP -- Historic Evolution 2001 - The insecurity of 802.11, Mobicom, July 2001 N. Borisov, I. Goldberg and D. Wagner. 2001 - Weaknesses in the key scheduling algorithm of RC4. S. Fluhrer, I. Mantin, A. Shamir. Aug 2001. 2002 - Using the Fluhrer, Mantin, and Shamir Attack to Break WEP A. Stubblefield, J. Ioannidis, A. Rubin. 2004 – KoreK, improves on the above technique and reduces the complexity of WEP cracking. We now require only around 500,000 packets to break the WEP key. 2005 – Adreas Klein introduces more correlations between the RC4 key stream and the key. 2007 – PTW extend Andreas technique to further simplify WEP Cracking. Now with just around 60,000 – 90,000 packets it is possible to break the WEP key. Is there really a need for a New Attack?
- 4. Limitations of the traditional WEP Cracking The attacker needs to be in the RF vicinity of the WEP network The authorized network should have at least one AP up and running which the Clients can connect to Client AP Hacker
- 5. An example scenario where traditional approaches fail An isolated Client far away from the authorized network Hacker Victim This Client has a WEP encrypted network “Toorcon” in its PNL Can we crack the WEP key of “Toorcon” using only this Client? Can we have an IP layer connectivity with this Client? WEP Cracking Fails!! Café Latte Attack to the rescue!
- 6. What is the Café Latte Attack? We attack the Client to retrieve the WEP key The Client can be absolutely isolated and nowhere near the authorized network There is no need for an authorized network AP Hacker Client Moon No AP needed
- 7. Before we begin – a quick 101!
- 8. Attack Background – Windows Wireless Configuration Manager User connects to a WEP protected network “Default” for the first time User enters the WEP key when prompted by the Windows wireless utility “ Default” gets added into the preferred network list (PNL) of the configuration manager
- 9. Attack Background - Conclusions Windows stores the SSID and the WEP key in its Preferred Network List (PNL) Question: Can we retrieve the WEP key from this Client e.g. at a Coffee Shop? Answer: Café Latte Attack
- 10. Can we crack WEP with just an isolated Client? To crack WEP we need a large number of encrypted data packets 90k for PTW 500k for Korek+FMS It does not matter which device produces these packets – Client or AP Is it possible to make the Client produce data packets without connecting to the authorized network’s AP? Client
- 11. Café Latte - How does it work? Client probes for SSID “Default” Hacker sniffs these probes and brings up a Honeypot Client Authenticates and Associates with this Honeypot Fake Authentication and Association works because WEP does not have mutual Authentication Default Default