WEP

2,184 views

Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

WEP

  1. 1. Wired Equivalent Privacy - WEP -
  2. 2. Wired Equivalent Privacy (WEP) ‏ <ul><li>Introduction </li></ul><ul><li>Overview </li></ul><ul><li>Authentication </li></ul><ul><li>Encryption </li></ul><ul><li>Decryption </li></ul><ul><li>Recommends </li></ul><ul><li>Q&A </li></ul>
  3. 3. Introduction <ul><li>A wired LAN : physical security </li></ul><ul><li>A wireless LAN : radio waves environments </li></ul>
  4. 4. Introduction (Cont) ‏ <ul><li>Introduced in1997 </li></ul><ul><li>Bring the security of wired to wireless network </li></ul><ul><li>The first and most used-widely algorithm for wireless network </li></ul>
  5. 5. Ways to Attack <ul><li>Passive Attacks (Sniffer) </li></ul><ul><ul><li>Hack WEP </li></ul></ul><ul><ul><li>Hack WPA, WPA2 </li></ul></ul><ul><ul><li>Sniffer Packets </li></ul></ul>
  6. 6. Ways to Attack (Cont) <ul><li>Active Attacks </li></ul>
  7. 7. Ways to Attack (Cont) <ul><li>Jamming Attacks </li></ul>
  8. 8. Ways to Attack (Cont) <ul><li>Man In Middle Attacks </li></ul>
  9. 9. Overview <ul><li>Protect data privacy </li></ul><ul><ul><li>WEP (Wired Equivalent Privacy) ‏ </li></ul></ul><ul><li>Protect data integrity </li></ul><ul><ul><li>CRC (Cyclic Redundancy Check) ‏ </li></ul></ul>
  10. 10. Overview (Cont) ‏ <ul><li>Provide authentication and encryption </li></ul><ul><li>All rely on share key </li></ul><ul><li>Uses RC4 for encryption </li></ul>
  11. 11. Overview (Cont) ‏ <ul><li>Discard wrong frames </li></ul><ul><li>Uses ICV (Integrity Check Value) ‏ </li></ul>
  12. 12. Authentication <ul><li>Open System Authentication </li></ul><ul><li>Shared Key Authentication </li></ul>
  13. 13. Shared Key Authentication
  14. 14. Encryption
  15. 15. Transmission Data
  16. 16. Decryption
  17. 17. XOR A B A XOR B 1 1 0 1 0 1 0 1 1 0 0 0
  18. 18. What’s Problem ??? <ul><li>IV : 24 bit, small, plain text, static </li></ul><ul><li>IV : a part of the RC4 encryption key </li></ul><ul><li>ICV : not encrypted </li></ul><ul><ul><li>Data integrity : not safe </li></ul></ul>
  19. 19. Breaking the Authentication <ul><li>Collecting : </li></ul><ul><ul><ul><ul><li>Clear-text challenge </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Encrypted text </li></ul></ul></ul></ul><ul><li>Compute the RC4 key </li></ul>
  20. 20. Recommends <ul><li>Avoid WEP, use WPA or WPA2 </li></ul><ul><li>Don’t use a weak key </li></ul><ul><li>Change key periodically </li></ul><ul><li>Uses tools </li></ul>
  21. 21. Q&A

×