WEP in 24,000 packets: I forgot to mention in all the hubbub about the WPA flaw discovered by two German researchers last week that they also combined a variety of WEP-cracking techniques to reduce the number of packets necessary to extract a key. The fellows from two technical universities examined and improved previously known algorithms and code for extracting a WEP key, and optimized the process.
Erik Tews and Martin Beck's paper, Practical Attacks against WEP and WPA (now available for download), walks through how they re-examined and combined processing attacks. But the takeaway is that WEP, already known to be very broken is, well, very very very broken. Previous attacks, per their analysis, required from 32,000 to 40,000 packets to be processed to gain a 50-percent likelihood of key recovery. They moved that down to about 24,000.
WEP is still widely used in certain quarters, by home users who don't care about security but simply are setting up a no trespassing sign (which is enforceable by law in many states and countries now); by those who know no better; and by retailers who use systems that are either expensive to upgrade or must be replaced to stop using WEP.
Retailers who accept credit cards may not deploy new systems with WEP starting 1-April-2009, and must discontinue all use of WEP by 30-June-2010 according to new guidelines set by the credit industry giants.