WEP WEP (Wired Equivalent Privacy) is a deprecated algorithm to secure IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are thus more susceptible to eavesdropping than wired networks. WEP was proposed to give confidentiality comparable to that of a classic wired network.

To address the confidentiality issues of trade wireless networks, the 802.11 standard includes a simple mechanism for encryption of data, it is Wired Equivalent Privacy.

However, several serious vulnerabilities were identified by cryptologists. WEP is sometimes dubbed with the nickname of Weak Encryption Protocol. WEP has been superseded by WPA in 2003 and by WPA in 2004 (WPA2 is the version of the IEEE 802.11i standard certified by the Wi-Fi Alliance.

WEP is an encryption protocol in charge of 802.11 frames using the RC4 symmetric algorithm with key length of 64 bits or 128 bits. The principle of WEP is to define initially a secret key of 40 or 128 bits. This secret key must be declared at the access point and clients. The key is to create a pseudo-random length equal to the length of the frame. Each transmission of data is then encrypted using the pseudo-random number as a mask with an Exclusive or between the pseudo-random number and the frame.

The session key shared by all stations is static, that to deploy a large number of wireless stations it is necessary to configure them using the same session key. Thus knowledge of the key is sufficient to decrypt communications.

In addition, 24-bit key is used only for initialization, which means that only 40-bit 64-bit key used to encrypt and actually 104 bits to 128 bits key.

In the case of 40-bit key, a brute-force attack (trying all possible keys) can quickly bring the hacker to find the session key. Also a fault detected by Fluhrer, Mantin and Shamir on the generation of pseudo-random string makes possible the discovery of the session key stock 100 MB to 1 GB of traffic created intentionally.

WEP is not sufficient to ensure real privacy. However, it is strongly advised to at least implement a 128-bit WEP protection to ensure a minimum level of confidentiality and avoiding in this way 90% risk of intrusion.

To get a higher level of security you should use WPA or WPA2. Use of encrypted tunneling protocols can provide secure data transmission under an insecure network. But replacements for WEP have been developed to restore security to the Wifi  network itself.

Bookmark and Share

One Response to “Wired Equivalent Privacy (WEP)”

Leave a Reply