Published on

An Introduction to WEP

1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  2. 2. INTRODUCTION Wireless network connectivity is becoming very important part of computing environments One of the most popular wireless network standard is 802.11 i.e. WLAN. In this standard data is transmitted over radio waves Wireless networks rely on Open Medium With an open network medium, unprotected traffic can be seen by anybody Guarding against such attacks constitutes the domain of Cryptography
  3. 3. What is WEP? WEP is “Wired Equivalent Privacy” or “Wireless Encryption Protocol” It is the original wireless security protocol for the 802.11 standard. It uses the RC4 stream cipher, using a 64-bit key consisting of:  A 24-bit master key  A 40-bit initialization vector (IV) It also employs a CRC integrity checksum
  4. 4. WEP Cryptographic Operations Three major objectives of communication security  Confidentiality  Integrity  Authentication WEP provides operations that attempt to meet these criteria Frame body encryption supports confidentiality. An integrity check sequence protects data in transit and allows receivers to validate that the received data was not altered in transit.
  5. 5. WEP Data Processing Confidentiality and integrity are handled simultaneously. Before encryption, the frame is run through an integrity check algorithm, generating a hash called an integrity check value (ICV) The ICV protects the contents against tampering by ensuring that the frame has not changed in transit. The frame and the ICV are both encrypted, so the ICV is not available to casual attackers
  6. 6. WEP Data Processing As input, WEP requires Three Items viz.  Payload  Key  Initialization Vector (IV) After processing, WEP has a single output.  Encrypted Frame
  7. 7. WEP Keys Mapped Keys/Station Keys  For Unicast traffic. Default Keys WEP keys have an associated number. Up to four keys may be defined in an 802.11 station. Each station receives two keys from the access point  A mapping key (0)  A default Key (1)
  8. 8. WEP key numbering and Storage To efficiently encrypt frames, many 802.11 chipsets include a data structure known as Key Cache. Most chipsets include four key slots. Two types of Key Distribution:  Static/Manual  Dynamic Static WEP uses one key slot whilw dynamic WEP uses two.
  9. 9. WEP Encapsulation When WEP is in use, the frame body expands by 8 bytes.  4 bytes for IV Header  Remaining 4 for ICV Trailer
  10. 10. Design flaws of the WEP System Key management  Manual key management is a minefield of problems  Static WEP offers a shared secret of only 40 bits. Key Reuse  Stream ciphers are vulnerable to analysis when the key stream is reused. IV reuse:  WEPs IV size is 24 bits.  WEP uses the same IV for different data packets.  An attacker can decrypt packets that were encrypted with the same IV. Inappropriate Integrity check:  MD5 or SHA-1 algorithms are more suitable for cryptographic hash than CRC-32.
  11. 11. Attacks on WEP FMS Attack  Fluhrer, Martin and Shamir published the first key recovery attack onWEP.  If the first 2 bytes of enough key stream are known -> The RC4 key is discovered  The first 8 bytes of WEP packet is a known SNAP-SAP header  AirSnort implements this attack  Recovers key after 20,000 packets = 11 seconds
  12. 12. Attacks on WEP IP redirection:  Change the destination of an encrypted packet to a machine controlled by the attacker on the wired network.  Send modified frame to AP that will decrypt it and send to attacker machine  Derive keystream from this ciphertext, plaintext pair  Attacker can reuse keysteam to send/receive WLAN traffic
  13. 13. Attacks on WEP Bit Flipping
  14. 14. Solutions to improve security of WEP Multiple Security measures along with WEP. Using VPN. Using Efficient key management techniques as an additional measure. Using alternative encryption techniques like IPsec instead of WEP.
  15. 15. Conclusions WEP does little to secure the WLAN’s from attackers. Better to use WEP rather than not using any encryption. New standards and specifications which will replace WEP can be expected to provide sufficient security for wireless LAN’s.
  16. 16. THANK YOU