
PostPosted: Wed Feb 16, 2005 10:03 am
by mfenetre
Hi sylvain,

thanks for your answer.
In fact, the patch delivered with chopchop is for linux-wlan-ng, and I don't use it (only the orinoco_cs driver). Maybe I'll test with linux-wlan-ng patched with the chopchop patch.

Did anyone succeed in using orinoco drivers with chopchop?

thx,
mfenetre.

PostPosted: Wed Feb 16, 2005 12:38 pm
by sylvain
mfenetre wrote: Hi sylvain,

thanks for your answer.
In fact, the patch delivered with chopchop is for linux-wlan-ng, and I don't use it (only the orinoco_cs driver). Maybe I'll test with linux-wlan-ng patched with the chopchop patch.

Did anyone succeed in using orinoco drivers with chopchop?

thx,
mfenetre.


OK, so you have to use wlan-ng patched drivers. Otherwise it won't work (that's the case for orinoco). It can work with hostap also, I think.

PostPosted: Wed Feb 16, 2005 7:10 pm
by KoreK
sylvain wrote: OK, so you have to use wlan-ng patched drivers. Otherwise it won't work (that's the case for orinoco). It can work with hostap also, I think.

He has to use the wlan-ng patch. I didn't manage to make hostap work.

mfenetre, just a reminder: You need an AP, an associated card, and an injection card using the wlan-ng patched module (or just associate the wlan-ng card, yank it out, put it back in, inject, and hope that it hasn't been disassociated). If you don't know where to begin, have a look at the Auditor CD; chopchop is included:
http://new.remote-exploit.org/index.php/Auditor_main

Mathematical origin of 5% and 13% in WEP attacks

PostPosted: Sat Mar 05, 2005 9:49 pm
by Madory
Not sure if this question fits in this forum but I'm sure to be corrected if I'm wrong, so here goes...

What is the origin of the 5% and the 13% probabilities in the WEP attacks? I have read the FMS and H1kari papers and understood them (I think). Now, I know that:

Prob of success = e^(-3) = 5% (when all X, Y and Z are not swapped)
and
Prob of success = e^(-2) = 13% (when two of X, Y and Z are not swapped)

I already know that they come from modeling the remaining KSA swaps as random, but how are these stats derived?

On Pg. 9 of the FMS paper there is a reference to the following formula:
e^(-2B/N)
where B is the # of the byte of the SK being attacked and N is the length of the keystream. But this formula doesn't seem to apply to my question because there aren't any logical values of B and N that make (2B/N) equal to 2 or 3.

Is there a general form of some crypto-analytical formula that applies here?

Thanks for the help!

Answer to my own question: origin of 5%

PostPosted: Sun Mar 06, 2005 8:09 am
by Madory
When I now see the answer, I want to kick myself for not figuring it out sooner...

For the FMS attack to work, the first two bytes of the IV and the target byte of the secret key must survive the KSA swapping algorithm unchanged after the expected swaps occur. If we model the remaining swaps as random, then the chance that the three bytes in question are unchanged is 5%. This number comes from aggregating the probability that a byte is unchanged over each step over the three bytes.

P(1 byte is unchanged after one random swap) = (1 - 1/N)
N is the length of the resulting keystream.
P(1 byte is unchanged after N random swaps) = (1 - 1/N)^N
P(3 bytes are unchanged after N random swaps) = ((1 - 1/N)^N)^3

The expression ((1 - 1/N)^N)^3 can be modeled as e^-3 because, as N grows to any applicable length, the value of the expression asymptotically heads for 0.05. In the end, the value of N is irrelevant, as the value is always just below 5%.

If we were to try to keep two bytes the same, P = ((1 - 1/N)^N)^2, or e^-2, or 13%.

Thanks anyway.

PostPosted: Mon Mar 07, 2005 5:15 am
by KoreK
It's a bit incorrect. The basic formula is (1-k/n)^n ~ exp(-k) when n is sufficiently large (mathematically speaking, the limit of the left term as n grows to infinity is exp(-k)). In the papers, you get quantities like (253/256)^(256-p-1) (the probability that the (256-p-1) bytes of the KSA are different from 3 given values), with p=3,... First you approximate the exponent with 256, and you rewrite it as (1-3/256)^256, which you then approximate with the limit exp(-3).

cf http://mathworld.wolfram.com/ExponentialFunction.html

Origin of 5%

PostPosted: Mon Mar 07, 2005 6:43 am
by Madory
This makes sense, thanks.

Perhaps it is a case of 6 and one-half-dozen. I got my explanation from "Attacks On RC4 and WEP" by FMS:

"The probability that three locations will not be pointed to by a pseudo random index during the remaining N - 1 - x rounds is better than ((1-1/N)^N)^3 ~ e^-3 ~ 5%."

((1-1/N)^N)^3
can be reduced to
(e^-1)^3
and finally
e^-3

-OR-

(1-3/N)^N
reduced directly to
e^-3

Anyway, thanks for the general formula - crystal clear now.

half dozen is six

PostPosted: Tue Mar 15, 2005 10:58 am
by noise_gaining
It's the same. Let M = 3N, then

((1-1/N)^N)^3 = (1-3/M)^M

Madory wrote: This makes sense, thanks.

Perhaps it is a case of 6 and one-half-dozen. I got my explanation from "Attacks On RC4 and WEP" by FMS:

"The probability that three locations will not be pointed to by a pseudo random index during the remaining N - 1 - x rounds is better than ((1-1/N)^N)^3 ~ e^-3 ~ 5%."

((1-1/N)^N)^3
can be reduced to
(e^-1)^3
and finally
e^-3

-OR-

(1-3/N)^N
reduced directly to
e^-3

Anyway, thanks for the general formula - crystal clear now.
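A numeric check of the approximations discussed above (added example, written for this thread and not from any of the posters): it evaluates Madory's ((1-1/N)^N)^3, KoreK's (1-3/N)^N and (253/256)^(256-p-1), noise_gaining's M = 3N identity, and runs a Monte Carlo version of the "remaining swaps are random" model with N = 256. The function names and the choice of watching positions 0, 1 and p are assumptions of this example.

```python
import math
import random

N = 256  # size of the RC4 state S; the N in the thread's formulas

def madory_form(n: int = N, k: int = 3) -> float:
    """((1 - 1/n)^n)^k: k bytes each surviving n random swaps."""
    return ((1 - 1 / n) ** n) ** k

def korek_form(n: int = N, k: int = 3) -> float:
    """(1 - k/n)^n: each of n swaps misses all k positions at once."""
    return (1 - k / n) ** n

def fms_form(p: int = 3, n: int = N, k: int = 3) -> float:
    """((n-k)/n)^(n-p-1): the bound KoreK quotes before approximating.
    Only the n-p-1 KSA rounds after round p can still disturb the bytes."""
    return ((n - k) / n) ** (n - p - 1)

def identity_holds(n: int = N) -> bool:
    """noise_gaining's point: ((1-1/n)^n)^3 == (1-3/M)^M with M = 3n."""
    return math.isclose(madory_form(n, 3), korek_form(3 * n, 3), rel_tol=1e-9)

def simulate_survival(trials: int = 10000, p: int = 3, n: int = N,
                      seed: int = 1) -> float:
    """Monte Carlo run of the 'remaining swaps are random' model.
    After round p the index i only moves forward, so the watched positions
    (0, 1 and p here, an assumption of this example) can only be hit via j.
    Treat j as uniform on [0, n) for the remaining n-p-1 rounds and count
    how often none of the watched positions is chosen; expect fms_form(p).
    """
    rng = random.Random(seed)
    watched = {0, 1, p}
    survived = 0
    for _ in range(trials):
        # all() stops at the first hit, so a disturbed trial ends early
        if all(rng.randrange(n) not in watched for _ in range(n - p - 1)):
            survived += 1
    return survived / trials

if __name__ == "__main__":
    print(f"e^-3          = {math.exp(-3):.4f}")
    print(f"((1-1/N)^N)^3 = {madory_form():.4f}   (1-3/N)^N = {korek_form():.4f}")
    print(f"(253/256)^252 = {fms_form():.4f}   simulated = {simulate_survival():.4f}")
    print(f"e^-2          = {math.exp(-2):.4f}   two bytes = {madory_form(k=2):.4f}")
    print(f"M = 3N identity holds: {identity_holds()}")
```

Both closed forms land within a tenth of a percentage point of e^-3 at N = 256, and the simulated survival rate tracks the unapproximated (253/256)^252 rather than the limit, which is where the "just below 5%" and "better than 5%" phrasings in the thread come from.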

PostPosted: Thu Mar 17, 2005 7:11 am
by Beep
KoreK wrote: He has to use the wlan-ng patch. I didn't manage to make hostap work.

mfenetre, just a reminder: You need an AP, an associated card, and an injection card using the wlan-ng patched module (or just associate the wlan-ng card, yank it out, put it back in, inject, and hope that it hasn't been disassociated). If you don't know where to begin, have a look at the Auditor CD; chopchop is included:
http://new.remote-exploit.org/index.php/Auditor_main


Hi KoreK

I use the new Auditor (120305-01) on my HP OmniBook XE2 Laptop. I also use the Orinoco Silver WiFi card.
Is the necessary chopchop patch already installed on the Auditor CD? Must I apply any patches?

I've got the same problem as mfenetre a few posts above me.

Thanks

-Beep

PS: Please don't flame me for my (maybe stupid) question... I searched for an answer in Google, readmes and this forum for several hours/days.

PPS: R.E.S.P.E.C.T. to Korek and Devine for her great tools!

PostPosted: Thu Mar 17, 2005 8:14 am
by sylvain
Drivers are already patched in the new Auditor version... and there is an Auditor forum... maybe it's a better place to ask... not sure you really searched... probably too lazy.

PostPosted: Thu Mar 17, 2005 8:15 am
by G8tK33per
Beep wrote: Hi KoreK

I use the new Auditor (120305-01) on my HP OmniBook XE2 Laptop. I also use the Orinoco Silver WiFi card.
Is the necessary chopchop patch already installed on the Auditor CD? Must I apply any patches?

I've got the same problem as mfenetre a few posts above me.

Thanks

-Beep

PS: Please don't flame me for my (maybe stupid) question... I searched for an answer in Google, readmes and this forum for several hours/days.

PPS: R.E.S.P.E.C.T. to Korek and Devine for her great tools!

OK, which one of you is the chick?

PostPosted: Thu Mar 17, 2005 8:19 am
by sylvain
I can say it is not Devine, I already met him :cool:

PostPosted: Thu Mar 17, 2005 3:00 pm
by KoreK
G8tK33per wrote: OK, which one of you is the chick?

You need a new pair of stockings, cabin boy?

As for Beep, if you bothered reading my previous posts... And while I am at it, noise_gaining why don't you take a math class...

PostPosted: Fri Dec 30, 2005 5:35 am
by Grant
Anyone know why my version won't compile even though the header file it says is missing isn't?

PostPosted: Fri Dec 30, 2005 6:29 am
by Thorn
Probably the header file isn't in the path. Most often this type of thing occurs because the code's author assumes one particular path, and your system is slightly different.

Try using an explicit path, for example, change:

#include <stdio.h>

to:

#include </usr/src/stdio.h>

(Of course, the path preceding the header file name would be the one required for your system.)