[1] However, the closely related bar mitzvah attack, based on the same research and revealed in 2015, does exploit those cases where weak keys are generated by the SSL keying process.
The FMS attack gained popularity in network attack tools including AirSnort, weplab, and aircrack, which use it to recover the key used by WEP protected wireless networks.
The basis of the FMS attack lies in the use of weak initialization vectors (IVs) used with RC4.
Theoretically, the key stream functions as a random one-time pad, as a pseudo-random number generator controls the output at each step.
By collecting multiple messages—for example WEP packets—and repeating these steps, the attacker will generate a number of different possible values.