WEP hacking and why IV capture is needed

Question

trying to get my head around the theory of attacking WEP encryption, specifically IVs (Initialization Vectors). I understand the concept and purpose of the IV (bit like ‘salt’ appended to a password hash?):

• seed=IV+WEP Key
• IV is generally 24bits
• IV is in clear plaintext in the packet
• IV is in hex

So, if IV’s are sent in plaintext and say the IV is 24bits (equivalent of 3 ASCII characters e.g AB3). I can thus see an IV value within a Wireshark WEP captured packet (screenshot below under IEE802.11 -> WEP Parameters). Example in screenshot, that 1 particular network WEP packet is displaying an IV value of 0x1cd799 (assuming this is hex format?). I tried converting this value within a hex to ascii convertor online but get errors in conversion?

Secondly, I understand to crack a WEP key, firstly massive amount of packets (50,000+) must be captured because each packet contains a different random WEP IV value (from pool 2^24bits). After a while and lots of packet captures, you may start encountering duplicate WEP IV values (aka IVs being reused). Questions in terms of my confusion here is thus:

1. Why is it that once you manage to capture just one IV that has been confirmed as “re-used” this is enough to start WEP brute force attack on the WEP key part now of (IV+WEP Key)?
2. Is it not just a given that every IV will be eventually duplicated at some point by law of averages and format, so why do we need to capture massive amounts of packets for IVs just to confirm re-use occurred?
3. If we just captured just one WEP packet and just used the IV value present in there (like in screenshot) why do we need to capture another odd say 50,000 packets?
4. Once we do have a confirmed “re-used” packet, am I correct in thinking we thus stop the packet capture for IV’s and then next part of the attack is trying to brute force (via airdecap-ng) the WEP key by sending crafted packets trying to guess the WEP key and using the “reused” confirmed captured WEP IV value as the IV appended to our guessed WEP key brute force value, over and over. So, if for conceptual purposes, our IV was say "AB3" we would then do brute force attacks appending AB3.WEPKEYBRUTEFORCEVALUE1, AB3.WEPKEYBRUTEFORCEVALUE2, AB3.WEPKEYBRUTEFORCEVALUE3….etc etc until WEP Key was cracked?

To quote the famous movie Philadelphia (1993) - anyone who answers this question please "explain this to me like I’m a 4-year-old, OK, because there’s an element to this thing I just cannot get through my thick head."

Hope this all makes sense and thanks in advance for any answers.

Answer 1

If you want to know the full story, please consider taking part in Courseras Cryptography I course with Professor Boneh: https://www.coursera.org/learn/crypto. You will get everything explained much better than I can probably do.

So, how does WEP hacking works then?

First of all we need to understand, how stream ciphers work. Consider this picture:

There is a cipher (RC4 in our case) and it is parametrized by two things: IV and key.

Now in WEP the key is constant, the IV changes but the size of the IV domain is rather small (in XXI century 128 bits is the minimum). And WEP simply increments the IV. At the certain point it must reset the IV and start from the beginning. This is where the magic happens.

Consider two cipertexts c1 and c2. You know, they are generated using the same IV, as IV is public. You don't know the corresponding plain texts m1 and m2. But you know that the ciphertexts have been generated by the same key stream. You do following:

c1 XOR c2 = m1 XOR m2

Now, c1 and c2 is indistinguishable from random values. But m1 and m2 is not. You can start guessing m1 and m2 so that the equation is fulfilled. This is what the first part of cracking is about.

The next part goes like this:

c1 XOR m1 = keystream

Cool. Now we know the keystream. Last thing last, we must guess the key that produces keystream to the given IV. Once it is done, WEP is cracked.

Hope this helps. Please take part in Coursera course, if you find such hacking entertaining.