In this video, we will learn how to hack through various WLAN Authentication schemas – Open and Shared Authentication. As many of you may have guessed Open Authentication is a dud 🙂 and nothing much to explore there apart from corner cases like using MAC address filtering like in the previous video. The focus of this video is breaking shared key authentication.
Shared Key Authentication (SKA) requires the use of WEP encryption and is fundamentally flawed. Its comes as a surprise to me how the IEEE committee let this slip past them during the design of the 802.11 security aspects. To beat SKA, a hacker has to collect the challenge text sent by the access point and the encrypted response sent by the client. He will then XOR both these data values to derive the keystream for the Initialization Vector (IV) and the WEP key. He can then use this to authenticate any challenge sent by the access point to him. We will do a live demo of these concepts in this video!