[dlitz]

> ...but that doesn't make it practical...

If I had a dime for every penny of damage caused when people downplay the practicality of attacks against deployed crypto...

75 hours is enough time to attack a laptop left plugged in at the office over a 3-day weekend, and there's no reason why you'd have to attack only one laptop at a time.

The paper also says, "capturing traffic for 52 hours already proved to be sufficient", so it's not like 75 hours is some hard minimum.

Also:

"Our attack is not limited to decrypting cookies. Any data or information that is repeatedly encrypted can be recovered."

"We can break a WPA-TKIP network within an hour."

RC4 is dead, dead, dead. As with MD5, the writing's been on the wall for a while now, and attacks are only going to get better.

[yuhong]

The attack numbers are under artificially generated network traffic.

[gipsies]

Yes, but we present several techniques on how to generate these amounts of data. For TLS and HTTPS you can use JavaScript. For WPA-TKIP you need control of one TCP connection, and that is enough to generate the data. We're not saying it's a point and click attack, but it's a very good reason to start worrying :)