Wired Equivalent Privacy
|
|
Wired Equivalent Privacy (WEP) is part of the IEEE 802.11 standard (ratified in September 1999), and is a scheme used to secure wireless networks (WiFi). Because a wireless network broadcasts messages using radio, it is particularly susceptible to eavesdropping; WEP was designed to provide comparable confidentiality to a traditional wired network, hence the name. However, several serious weaknesses were identified by cryptanalysts, and WEP was superseded by Wi-Fi Protected Access (WPA) in 2003, and then by the full IEEE 802.11i standard (also known as WPA2) in 2004. Despite the inherent weaknesses, WEP provides a bare minimal level of security that can deter casual snooping.
| Contents |
Details
WEP uses the stream cipher RC4 for confidentiality and the CRC-32 checksum for integrity. For RC4, WEP uses two key sizes: 40 bit and 104 bit; to each is added a 24-bit initialisation vector (IV) which is transmitted in the clear.
Flaws
Cam-Winget et al. (2003) surveyed a variety of shortcomings in WEP. Two generic weaknesses were that:
- the use of WEP was optional, resulting in many installations never even activating it, and
- WEP did not include a key management protocol, relying instead on a single shared key amongst users.
More specific attacks have also become evident: in August 2001, Fluhrer et al. published a cryptanalysis of WEP that exploits the way the RC4 cipher is used, resulting in a passive attack that can recover the RC4 key after eavesdropping on the network for a few hours; the attack was soon implemented, and automated tools have since been released. It is possible to perform the attack with a personal computer, off-the-shelf hardware and freely-available software. Cam-Winget et al. write, "Experiments in the field indicate that, with proper equipment, it is practical to eavesdrop on WEP-protected networks from distances of a mile or more from the target."
In 2005, a group from the U.S. FBI gave a demonstration where they broke a WEP-protected network in 3 minutes using publicly available tools.
References
- Nikita Borisov, Ian Goldberg, David Wagner, "Intercepting mobile communications: the insecurity of 802.11." MOBICOM 2001, pp180–189.
- Nancy Cam-Winget, Russell Housley, David Wagner, Jesse Walker: Security flaws in 802.11 data link protocols. Communications of the ACM 46(5): 35-39 (2003)
- Scott R. Fluhrer, Itsik Mantin, Adi Shamir, "Weaknesses in the Key Scheduling Algorithm of RC4 (http://downloads.securityfocus.com/library/rc4_ksaproc.pdf)". Selected Areas in Cryptography 2001: pp1–24.
External links
- (In)Security of the WEP algorithm (http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html)
- Weaknesses in the Key Scheduling Algorithm of RC4 (http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf)
- List of security problems with WEP (http://www.cs.umd.edu/~waa/wireless.html)
- WEP: Dead Again, Part 1 (Dec. 14, 2004) (http://securityfocus.com/infocus/1814)
- WEP: Dead Again, Part 2 (Mar. 8, 2005) (http://securityfocus.com/infocus/1824)
- The Feds can own your WLAN too : TomsNetworking (http://www.tomsnetworking.com/Sections-article111.php)
- Humphrey Cheung, How to crack WEP, part one (http://www.tomsnetworking.com/Sections-article118.php), part two (http://www.tomsnetworking.com/Sections-article120.php), May 2005.
- WEP Cracking, the FBI way (http://primary0.blogspot.com/2005/06/wep-cracking-fbi-way.html)
- Several software tools are available to compute and recover WEP keys by passively monitoring transmissions.
- aircrack (http://www.cr0.net:8040/code/network/)
- AirSnort (http://airsnort.shmoo.com/)
- WEPCrack (http://sourceforge.net/projects/wepcrack)
- Weplab (http://sourceforge.net/projects/weplab)de:Wired Equivalent Privacy
fr:Wired equivalent privacy ko:WEP it:Wired Equivalent Privacy nl:Wired Equivalent Privacy pl:WEP pt:WEP