The simplest method of recovering keystreams is the known plaintext
attack. The attacker sends data over a wired network to a machine on the
wireless network. The AP encrypts it and sends it to the client. The
attacker captures the encrypted wireless traffic. Finally, the attacker
can apply the XOR operation to the plaintext and the captured traffic
and recover the keystream. There are many ways to get known plaintext
sent to a wireless user, from sending ping packets to sending e-mails to
getting a user to visit a known website. Because the attacker knows the
content of each message, he can match it with the encrypted traffic and
recover the keystreams used to encrypt it. An attacker can send data
rapidly to build up his keystream dictionary. Figure illustrates the
known plaintext attack.

Binary XOR Operation:
A XOR B -> C
0 XOR 0 -> 0
0 XOR 1 -> 1
1 XOR 0 -> 1
1 XOR 1 -> 0
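
The recovery step described above, worked through on constructed data (an added example, not code from the original page). It assumes the standard WEP construction, which this section does not spell out: the RC4 key for each frame is a 3-byte IV followed by the shared secret, and a CRC-32 ICV is appended before encryption. The key, IVs and payloads are made up.

```python
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for key."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                         # output generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))  # truncates to the shorter input

def wep_encrypt(iv: bytes, secret: bytes, payload: bytes) -> bytes:
    """Simplified WEP body: RC4(IV || secret) XOR (payload || CRC-32 ICV)."""
    body = payload + zlib.crc32(payload).to_bytes(4, "little")
    return xor(body, rc4(iv + secret, len(body)))

def recover_keystream(known_plaintext: bytes, ciphertext: bytes) -> bytes:
    """C = P XOR K, therefore K = C XOR P for every byte where P is known."""
    return xor(known_plaintext, ciphertext)

SECRET = bytes.fromhex("0102030405")            # constructed key; only wep_encrypt uses it
IV_A, IV_B = b"\x00\x00\x01", b"\x00\x00\x02"   # constructed IVs

def demo():
    known = b"ICMP echo payload 0123456789abcdef"   # constructed known plaintext
    frame1 = wep_encrypt(IV_A, SECRET, known)
    dictionary = {IV_A: recover_keystream(known, frame1)}  # IV -> keystream
    other = b"unrelated user data"              # constructed second payload
    frame2 = wep_encrypt(IV_A, SECRET, other)   # same IV: same keystream
    frame3 = wep_encrypt(IV_B, SECRET, other)   # fresh IV: different keystream
    same_iv = xor(frame2, dictionary[IV_A])[:len(other)]
    fresh_iv = xor(frame3, dictionary[IV_A])[:len(other)]
    return dictionary[IV_A], same_iv, fresh_iv
```

The keystream recovered from one frame exposes any other frame encrypted under the same IV without the secret ever being known, while a frame under a different IV stays unreadable. This is why a cipher that never repeats a per-frame keystream closes the dictionary approach.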