In [1]:
# Initialise the State Array
def initS():
    S = []
    for i in range(256):
        S.append(i)
    return S

# Key Scheduling Algorithm (KSA) for key that is a string
# keySTR is the actual string
def ksa(keySTR):
    S = initS()
    j = 0
    for i in range(256):
        #ord returns unicode code (an integer) from a given character
        #eg. character ord('a') will return 97
        j = (j + S[i] + ord(keySTR[i % len(keySTR)])) % 256 
        S[i] , S[j] = S[j] , S[i]
    return S

# KSA for key which is already a list of bytes in integer form
def ksaByte(keyByte):
    S = initS()
    j = 0
    for i in range(256):
        j = (j + S[i] + keyByte[i % len(keyByte)]) % 256
        S[i] , S[j] = S[j] , S[i]
    return S


# Pseudo Random Generator Algorithm (PRGA) for full text length of keystream
def prga(text, S):
    i = 0
    j = 0
    check = []
    keyStream = ""
    #have to generate a key stream as long as the text to be encrypted or decrypted
    for _ in range(len(text)):
        i = (i + 1) % 256 
        j = (j + S[i]) % 256
        S[i] , S[j] = S[j] , S[i]
        keystreamByte = S[(S[i] + S[j]) % 256]
        check.append(keystreamByte)
        keyStream += chr(keystreamByte) #chr return convert the integer back to character
    print(check)
    print(len(check))
    return keyStream

# Pseudo Random Generator Algorithm (PRGA) for one byte
def prgaByte(S):
    i = 0
    j = 0
    i = (i + 1) % 256 
    j = (j + S[i]) % 256
    S[i] , S[j] = S[j] , S[i]
    keystreamByte = S[(S[i] + S[j]) % 256]
    return keystreamByte


In [2]:
# Enter your key and plaintext
key = "12ab34cd45ef"
plaintext = "This is a plaintext."
encryption_keyStream = ""
encrypted_plainText = ""
decryption_keyStream = ""
decrypted_plainText = ""

#Encryption
S = ksa(key)
encryption_keyStream = prga(plaintext, S)
for i in range(len(plaintext)):
    encrypted_plainText += chr(ord(plaintext[i]) ^ ord(encryption_keyStream[i]))
print("encrypted plaintext: "  +encrypted_plainText)

#Decryption
S = ksa(key)
decryption_keyStream = prga(encrypted_plainText, S)
for i in range(len(encrypted_plainText)):
    decrypted_plainText += chr(ord(encrypted_plainText[i]) ^ ord(decryption_keyStream[i]))
print("decrypted ciphertext: " + decrypted_plainText)

#Correctness Check
if(decrypted_plainText == plaintext):
    print("ARC4 implementation successful")
else:
    print("Something when wrong, decrypted plaintext not equals to plaintext")

[44, 120, 129, 98, 210, 106, 251, 21, 214, 76, 36, 182, 102, 181, 223, 167, 175, 141, 5, 165]
20
encrypted plaintext: xèò5·lTÚÜ±ÓÊõq
[44, 120, 129, 98, 210, 106, 251, 21, 214, 76, 36, 182, 102, 181, 223, 167, 175, 141, 5, 165]
20
decrypted ciphertext: This is a plaintext.
ARC4 implementation successful


# Generating Sample Packets of WEP Snap Headers

In [6]:
import os

# 40 bits WEP key, 5 ASCII Character, 10 Hexadecimal Code
WEP_Key_Hex = "a1c24d3ce2"

# If sample packets file exists, clear the file
if os.path.isfile("WEP_Sample_Packets.csv"):
    WEPSample = open("WEP_Sample_Packets.csv", "w").close()

# Open sample packets file to append generated packets
WEPSample = open("WEP_Sample_Packets.csv", "a")

WEP_Key_Bytes = []
i = 0

# Converting the original 10 Hex Codes to 5 Bytes Key in Integer form
while i < len(WEP_Key_Hex):
    keyByte = int(WEP_Key_Hex[i] + WEP_Key_Hex[i+1], 16)
    WEP_Key_Bytes.append(keyByte) 
    i += 2

# Initial IV form
IV = [3, 255, 0]
sessionKey = IV + key
SNAPheader = "aa"

# Iterating through length of key
for A in range(len(WEP_Key_Bytes)):
    # Increase IV's first byte from 0 to length of key
    # First Byte has to be minimum 3 to have the weak IV form
    IV[0] = A + 3

    # Iterating IV third byte from 0
    for i in range(256):
        IV[2] = i
        sessionKey = IV + WEP_Key_Bytes

        stateArr = ksaInt(sessionKey)
        keyStreamByte = prgaByte(stateArr)

        # Encrypt SNAPheader with keyStreamByte
        cipherByte = int(SNAPheader, 16) ^ keyStreamByte
        WEPSample.write(str(IV[0]) + "," + str(IV[1]) + "," + str(IV[2]) + "," + str(cipherByte) + "\n")
print("WEP_Sample_Packets.csv is generated sucessfully.")

WEPSample.close()

[161, 194, 77, 60, 226]
WEP_Sample_Packets.csv is generated sucessfully.


In [4]:
import pandas as pd

data = pd.read_csv('WEP_Sample_Packets.csv')
data

Unnamed: 0,5,255,68,229
0,5,255,69,33
1,5,255,70,82
2,5,255,71,249
3,5,255,72,161
4,5,255,73,84
...,...,...,...,...
1974,7,255,251,238
1975,7,255,252,14
1976,7,255,253,44
1977,7,255,254,240


# Key Recovery with FMS Attack

In [12]:
simulatedPackets = pd.read_csv("WEP_Sample_Packets.csv")
rows = simulatedPackets.to_numpy()
SNAPheader = "aa"

# 40 bits WEP key, 5 ASCII Character/ Bytes, 10 Hexadecimal Code
keyLength = 5
print("IV is 24 bits / 3 Bytes")
print("Key Length is 40 bits / 5 Bytes")
print("Decrypted Pre-Shared Key: ", end="")

WEP_key = [0, 0, 0]

# This for loop recovers each byte of the key
# A is the index of the current byte of key 
for A in range(keyLength):
    # Initialize occurrence array to 0
    # 1 Byte has 256 possibilities
    occurrenceArr = [0] * 256
    
    # Looping through the simulated packets
    for row in rows:
        # reproduce the first 3 columns of simulated packets
        WEP_key[0] = int(row[0])
        WEP_key[1] = int(row[1])
        WEP_key[2] = int(row[2])

        # Perform KSA
        j = 0
        stateArr = initS()
        # Simulate the S-Box after KSA initialization.
        # For loop for each byte of the key
        for i in range(A + 3):
            j = (j + stateArr[i] + WEP_key[i]) % 256
            temp = stateArr[i]
            stateArr[i] = stateArr[j]
            stateArr[j] = temp

        i = A + 3
        # If the first element of the statement array matches the key position to be checked,
        # Due to the weak IV allowing for unchanged state after i iterations
        if stateArr[0] == A + 3:
            # XOR the known SNAPheader('AA') with the encrypted 'AA' to get the corresponding byte in keystream
            keyStreamByte = int(row[3]) ^ int(SNAPheader, 16)
            # Retrieve key byte through undoing PGRA
            keyByte = (keyStreamByte - j - stateArr[i]) % 256
            # Increment occurence of key appearing
            occurrenceArr[keyByte] += 1

    # Assume that the most occurence is the byte[A] of pre-shared key
    highestProbability = occurrenceArr.index(max(occurrenceArr))
    WEP_key.append(highestProbability)

# Get rid of first 24-bit/3 Bytes initialization vector.
hexform = [format(byte, 'x') for byte in WEP_key[3:]]
Key_Hex = ''.join(hexform)
print(Key_Hex)

IV is 24 bits / 3 Bytes
Key Length is 40 bits / 5 Bytes
Decrypted Pre-Shared Key: a1c24d3ce2
