Wired Equivalent Privacy

Wired Equivalent Privacy (WEP) is part of the IEEE 802.11 standard (ratified in September 1999), and is a scheme used to secure wireless networks (WiFi). Because a wireless network broadcasts messages using radio, it is particularly susceptible to eavesdropping; WEP was designed to provide comparable confidentiality to a traditional wired network, hence the name. However, several serious weaknesses were identified by cryptographers, and WEP was superseded by Wi-Fi Protected Access (WPA) in 2003, and then by the full IEEE 802.11i standard (also known as WPA2) in 2004. Despite the inherent weaknesses, WEP provides a bare minimal level of security that can deter casual snooping.

Details

WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity. For RC4, WEP uses two key sizes: 40 bit and 104-bit; to each is added a 24-bit initialisation vector (IV) which is transmitted in the clear.

Flaws

Cam-Winget et al. (2003) surveyed a variety of shortcomings in WEP. Two generic weaknesses were that:

• the use of WEP was optional, resulting in many installations never even activating it, and
• WEP did not include a key management protocol, relying instead on a single shared key amongst users.

More specific attacks have also become evident: in August 2001, Fluhrer et al. published a cryptanalysis of WEP that exploits the way the RC4 cipher is used, resulting in a passive attack that can recover the RC4 key after eavesdropping on the network for a few hours; the attack was soon implemented, and automated tools have since been released. It is possible to perform the attack with a personal computer, off-the-shelf hardware and freely-available software. Cam-Winget et al. write, "Experiments in the field indicate that, with proper equipment, it is practical to eavesdrop on WEP-protected networks from distances of a mile or more from the target."

In 2005, a group from the U.S. Federal Bureau of Investigation gave a demonstration where they broke a WEP-protected network in 3 minutes using publicly available tools.

References

• Nikita Borisov, Ian Goldberg, David Wagner, "Intercepting mobile communications: the insecurity of 802.11." MOBICOM 2001, pp180–189.
• Nancy Cam-Winget, Russell Housley, David Wagner, Jesse Walker: Security flaws in 802.11 data link protocols. Communications of the ACM 46(5): 35-39 (2003)
• Scott R. Fluhrer, Itsik Mantin, Adi Shamir, "Weaknesses in the Key Scheduling Algorithm of RC4". Selected Areas in Cryptography 2001: pp1–24.

External links

• (In)Security of the WEP algorithm
• Weaknesses in the Key Scheduling Algorithm of RC4
• List of security problems with WEP
• WEP: Dead Again, Part 1 (Dec. 14, 2004)
• WEP: Dead Again, Part 2 (Mar. 8, 2005)
• The Feds can own your WLAN too : TomsNetworking
• Several software tools are available to compute and recover WEP keys by passively monitoring transmissions.
  • aircrack
  • AirSnort
  • WEPCrack
  • Weplab