Monday, 5 September 2011

How WEP (Wired Equivalent Privacy) Works


How does WEP work?

WEP is one of the most popular encryption methods in Wi-Fi environments, and Cisco describes it as a reasonably strong encryption method. It works at the data link layer. The main drawback of WEP is its use of static keys, which gives an intruder the chance to use trial-and-error methods to decrypt messages.

WEP uses the RC4 algorithm. The key used for RC4 has two parts:
  1. Manually configured key (40 or 104 byte)
  2. Randomly generated initialization vector (24 byte)
The data (plain text) used for RC4 execution also has two parts:
  1. Plain text
  2. ICV (4 byte), the integrity check value, computed using the CRC-32 algorithm

(WEP key + IV) XOR (Plain text + ICV) = Encrypted data

The RC4 algorithm has two phases:

  1. Key stream generation
  2. Encryption

Tx data = Encrypted data + Key ID + IV + FCV  (Key ID and IV in plain text)

There are four slots for configuring a WEP key; the key ID indicates which of the four keys should be used for the encryption.

The ICV is the integrity check vector. It checks the integrity of the plain text and avoids the chance of replay of the text or modification of the data by an attacker. It uses the CRC-32 algorithm.

Normally the IV starts from 0 and is incremented by 1 in every message. In new algorithms the IV starts at a random number and then increments as normal. The main use of the IV is to avoid collisions: if we used only the WEP key and the same data were repeated twice, the AP would consider the new data a duplicate and drop the packet, whereas the IV provides randomness for the key we are using.
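The encapsulation described above (RC4 keyed with IV plus WEP key, XORed over plain text plus ICV, with the IV and key ID sent in the clear), as an added Python example that is not part of the original post. It assumes the IEEE 802.11 layout of a 3-byte (24-bit) IV, a key ID in the top two bits of the fourth byte and 5-byte (40-bit) keys, and omits the trailing frame check field; the keys, payload and function names are constructed for illustration.

```python
import struct
import zlib

def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4: key scheduling (KSA) followed by keystream generation (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # KSA: permute S using the key
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                   # PRGA: emit one byte per step
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_encapsulate(keys, key_id, iv, plaintext):
    """Return IV || key-ID byte || RC4(IV || key) XOR (plaintext || ICV)."""
    icv = struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)
    body = plaintext + icv
    stream = rc4_keystream(iv + keys[key_id], len(body))
    cipher = bytes(a ^ b for a, b in zip(body, stream))
    return iv + bytes([key_id << 6]) + cipher  # IV and key ID stay in clear

def wep_decapsulate(keys, frame):
    """Decrypt and verify the ICV; return the plaintext or None on mismatch."""
    iv, key_id, cipher = frame[:3], frame[3] >> 6, frame[4:]
    stream = rc4_keystream(iv + keys[key_id], len(cipher))
    body = bytes(a ^ b for a, b in zip(cipher, stream))
    plaintext, icv = body[:-4], body[-4:]
    good = struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)
    return plaintext if icv == good else None

# Constructed sample data: four 40-bit keys, one per key slot.
KEYS = [bytes([n]) * 5 for n in (0x11, 0x22, 0x33, 0x44)]
OTHER_KEYS = [bytes([n]) * 5 for n in (0xA1, 0xA2, 0xA3, 0xA4)]
MSG = b"constructed test payload"

frame_a = wep_encapsulate(KEYS, 2, b"\x00\x00\x01", MSG)
frame_b = wep_encapsulate(KEYS, 2, b"\x00\x00\x01", MSG)  # same IV again
frame_c = wep_encapsulate(KEYS, 2, b"\x00\x00\x02", MSG)  # next IV
```

With the static key unchanged, `frame_a` and `frame_b` are byte-for-byte identical, while `frame_c` differs only because the IV changed; a receiver holding different keys gets `None` from `wep_decapsulate` because the ICV no longer matches.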

Open WEP

In open WEP the client sends an authentication request; if the SSID is the same, authentication succeeds. The client then encrypts data with the configured WEP key and the AP decrypts it using the same key. If the keys are not the same, neither the AP nor the client can decrypt the messages sent to each other, and the communication fails.

Shared WEP

Here the four-way handshake happens before authentication. If the keys do not match, the client may not be able to authenticate at all. The four steps are as follows:

  1. Authentication request from client
  2. AP sends a randomly generated text to the client
  3. Client encrypts the text using the WEP key
  4. AP checks the message, confirms that the keys match, and sends the authentication response to the client
