What exactly is fake authentication in aireplay-ng

Aneesh Relan · Feb 18, 2015 · Viewed 7.9k times

I have started studying wireless security, and in WEP security there is something called a fake-auth attack. I know it sends an authentication request and then associates with the AP, and then we can proceed to an ARP replay attack. I need to know how exactly the fake-auth attack works, because if we do not have the WEP key, how can we authenticate and then associate with the AP to replay ARP packets?

Answer

Leandro Carracedo · Feb 18, 2015

The explanation is pretty simple: an access point must authenticate a station before the station can associate with the access point or communicate with the network. The IEEE 802.11 standard defines two types of WEP authentication:

  • Open System Authentication (OSA): allows any device to join the network, assuming that the device SSID matches the access point SSID. Alternatively, the device can use the “ANY” SSID option to associate with any available access point within range, regardless of its SSID.
  • Shared Key Authentication: requires that the station and the access point have the same WEP key to authenticate.

A detailed tutorial on how to perform a fake-auth using shared key authentication can be found here.

UPDATE: How can we associate with the AP without the key?

The fake authentication attack on the WEP protocol allows an attacker to join a WEP-protected network, even if the attacker does not have the secret root key. IEEE 802.11 defines two ways a client can authenticate itself in a WEP-protected environment.

The first method is called Open System authentication: a client just sends a message to an access point telling it that it wants to join the network using Open System authentication. The access point will answer the request with "successful" if it allows Open System authentication.

As you can see, the secret root key is never used during this handshake, allowing an attacker to perform this handshake too and to join a WEP-protected network without knowledge of the secret root key. The second method is called Shared Key authentication. Shared Key authentication uses the secret root key and a challenge-response authentication mechanism, which should make it more secure (at least in theory) than Open System authentication, which provides no kind of security.

First, a client sends a frame to an access point telling it that it wants to join the network using Shared Key authentication. The access point answers with a frame containing a challenge, a random byte string. The client now answers with a frame containing this challenge, which must be WEP encrypted. The access point decrypts the frame and, if the decrypted challenge matches the challenge it sent, answers with "successful" and the client is authenticated.

An attacker who is able to sniff a Shared Key authentication handshake can join the network himself. First, note that besides the AP's challenge, all bytes in the third frame are constant and therefore known to an attacker. The challenge itself was transmitted in cleartext in frame number 2 and is therefore known to the attacker too. The attacker can now recover the key stream which was used by WEP to encrypt frame number 3. The attacker now knows a key stream and the corresponding IV, which is as long as frame number 3.

The attacker can now initiate a Shared Key authentication handshake with the AP. After having received frame number 2, he can construct a valid frame number 3 using his recovered key stream. The AP will be able to successfully decrypt and verify the frame and respond with "successful". The attacker is now authenticated.

Reference here.
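The handshake described in the answer, as an added, self-contained toy model (this is not code from the answer, from aireplay-ng or from any real driver; the `AccessPoint`, `legit_station_frame3`, `recover_keystream` and `demo` names are ours). The frame 3 body layout follows IEEE 802.11 (authentication algorithm number, transaction sequence number, status code, then a 128-octet Challenge Text element), RC4 and the CRC-32 ICV are WEP's own primitives, and the root key, IVs and challenges are constructed in the script. It shows the cryptographic point the answer makes: frame 3 is a stream-cipher encryption of an almost entirely known plaintext, so ciphertext XOR plaintext yields the RC4 keystream for that IV, and the same keystream and IV then produce a valid frame 3 for any later challenge without the root key ever being known.

```python
"""Toy model of WEP Shared Key authentication and its keystream-reuse flaw.
Constructed example: frame layout per IEEE 802.11; everything else is ours."""
import os
import struct
import zlib

CHALLENGE_LEN = 128        # 802.11 Challenge Text is 128 octets
ELEM_CHALLENGE_TEXT = 16   # element ID of the Challenge Text IE
ALG_SHARED_KEY = 1         # Authentication Algorithm Number for Shared Key


def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4 key scheduling + PRGA; returns `length` keystream bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def frame3_body(challenge: bytes) -> bytes:
    """Plaintext body of authentication frame 3. Apart from the challenge
    itself every byte is a fixed value from the standard (seq #3, status 0)."""
    fixed = struct.pack("<HHH", ALG_SHARED_KEY, 3, 0)
    return fixed + bytes([ELEM_CHALLENGE_TEXT, len(challenge)]) + challenge


def with_icv(body: bytes) -> bytes:
    """WEP appends a CRC-32 integrity check value before encrypting."""
    return body + struct.pack("<I", zlib.crc32(body))


def wep_encrypt(root_key: bytes, iv: bytes, body: bytes) -> bytes:
    """WEP: RC4 keyed with IV || root key, XORed over body || ICV."""
    plain = with_icv(body)
    return xor_bytes(plain, rc4_keystream(iv + root_key, len(plain)))


class AccessPoint:
    def __init__(self, root_key: bytes):
        self.root_key = root_key
        self.pending = {}          # station -> outstanding challenge

    def frame2(self, station: str) -> bytes:
        """Frame 2: a fresh random challenge, transmitted in cleartext."""
        self.pending[station] = os.urandom(CHALLENGE_LEN)
        return self.pending[station]

    def verify_frame3(self, station: str, iv: bytes, ciphertext: bytes) -> bool:
        """Decrypt with IV || root key, check the ICV, compare the challenge."""
        ks = rc4_keystream(iv + self.root_key, len(ciphertext))
        plain = xor_bytes(ciphertext, ks)
        body, icv = plain[:-4], plain[-4:]
        challenge = self.pending.pop(station, None)
        if challenge is None or struct.pack("<I", zlib.crc32(body)) != icv:
            return False
        return body == frame3_body(challenge)


def legit_station_frame3(root_key: bytes, challenge: bytes):
    """A station that knows the root key answers the challenge normally."""
    iv = os.urandom(3)
    return iv, wep_encrypt(root_key, iv, frame3_body(challenge))


def recover_keystream(challenge: bytes, ciphertext: bytes) -> bytes:
    """Observer side: known plaintext (fixed fields + the cleartext challenge
    from frame 2 + its CRC) XOR ciphertext is the RC4 keystream for that IV."""
    return xor_bytes(ciphertext, with_icv(frame3_body(challenge)))


def demo(root_key: bytes = b"\x01\x02\x03\x04\x05") -> dict:
    ap = AccessPoint(root_key)
    # 1. A legitimate station authenticates; frames 2 and 3 are observable.
    challenge_a = ap.frame2("station-A")
    iv, ct = legit_station_frame3(root_key, challenge_a)
    legit_ok = ap.verify_frame3("station-A", iv, ct)
    # 2. The keystream for this IV falls out of frames 2 and 3 alone.
    ks = recover_keystream(challenge_a, ct)
    ks_correct = ks == rc4_keystream(iv + root_key, len(ct))
    # 3. Reusing that IV and keystream answers a *different* challenge.
    challenge_b = ap.frame2("station-B")
    forged = xor_bytes(with_icv(frame3_body(challenge_b)), ks)
    forged_ok = ap.verify_frame3("station-B", iv, forged)
    return {"legit_ok": legit_ok, "keystream_recovered": ks_correct,
            "forged_ok": forged_ok}


if __name__ == "__main__":
    print(demo())
```

The model makes the weakness concrete for a defender: the AP never checks that an IV is fresh, and a stream cipher that reuses a keystream under the same IV encrypts any plaintext of that length equally well, so the challenge-response adds nothing over Open System authentication once one handshake has been observed. This is one of the design flaws that led to WEP being deprecated in favour of WPA2 and WPA3, whose handshakes do not expose a reusable keystream in this way.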