fbpx
Wikipedia

Wired Equivalent Privacy

January 20, 2023

Wired Equivalent Privacy (WEP) was a security algorithm for 802.11 wireless networks. Introduced as part of the original IEEE 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wired network.[1] WEP, recognizable by its key of 10 or 26 hexadecimal digits (40 or 104 bits), was at one time widely used, and was often the first security choice presented to users by router configuration tools.[2][3]

In 2003, the Wi-Fi Alliance announced that WEP had been superseded by Wi-Fi Protected Access (WPA). In 2004, with the ratification of the full 802.11i standard (i.e. WPA2), the IEEE declared that both WEP-40 and WEP-104 have been deprecated.[4]

WEP was the only encryption protocol available to 802.11a and 802.11b devices built before the WPA standard, which was available for 802.11g devices. However, some 802.11b devices were later provided with firmware or software updates to enable WPA, and newer devices had it built in.[5]

History

WEP was ratified as a Wi-Fi security standard in 1999. The first versions of WEP were not particularly strong, even for the time they were released, due to U.S. restrictions on the export of various cryptographic technology. These restrictions led to manufacturers restricting their devices to only 64-bit encryption. When the restrictions were lifted, the encryption was increased to 128-bit. Despite the introduction of 256-bit WEP, 128-bit remains one of the most common implementations.[6]

Encryption details

WEP was included as the privacy component of the original IEEE 802.11[7] standard ratified in 1997.[8][9] WEP uses the stream cipher RC4 for confidentiality,[10] and the CRC-32 checksum for integrity.[11] It was deprecated in 2004 and is documented in the current standard.[12]

 
Basic WEP encryption: RC4 keystream XORed with plaintext

Standard 64-bit WEP uses a 40-bit key (also known as WEP-40), which is concatenated with a 24-bit initialization vector (IV) to form the RC4 key. At the time that the original WEP standard was drafted, the U.S. Government's export restrictions on cryptographic technology limited the key size. Once the restrictions were lifted, manufacturers of access points implemented an extended 128-bit WEP protocol using a 104-bit key size (WEP-104).

A 64-bit WEP key is usually entered as a string of 10 hexadecimal (base 16) characters (0–9 and A–F). Each character represents 4 bits, 10 digits of 4 bits each gives 40 bits; adding the 24-bit IV produces the complete 64-bit WEP key (4 bits × 10 + 24 bits IV = 64 bits of WEP key). Most devices also allow the user to enter the key as 5 ASCII characters (0–9, a–z, A–Z), each of which is turned into 8 bits using the character's byte value in ASCII (8 bits × 5 + 24 bits IV = 64 bits of WEP key); however, this restricts each byte to be a printable ASCII character, which is only a small fraction of possible byte values, greatly reducing the space of possible keys.

A 128-bit WEP key is usually entered as a string of 26 hexadecimal characters. 26 digits of 4 bits each gives 104 bits; adding the 24-bit IV produces the complete 128-bit WEP key (4 bits × 26 + 24 bits IV = 128 bits of WEP key). Most devices also allow the user to enter it as 13 ASCII characters (8 bits × 13 + 24 bits IV = 128 bits of WEP key).

152-bit and 256-bit WEP systems are available from some vendors. As with the other WEP variants, 24 bits of that is for the IV, leaving 128 or 232 bits for actual protection. These 128 or 232 bits are typically entered as 32 or 58 hexadecimal characters (4 bits × 32 + 24 bits IV = 152 bits of WEP key, 4 bits × 58 + 24 bits IV = 256 bits of WEP key). Most devices also allow the user to enter it as 16 or 29 ASCII characters (8 bits × 16 + 24 bits IV = 152 bits of WEP key, 8 bits × 29 + 24 bits IV = 256 bits of WEP key).

Authentication

Two methods of authentication can be used with WEP: Open System authentication and Shared Key authentication.

In Open System authentication, the WLAN client does not provide its credentials to the Access Point during authentication. Any client can authenticate with the Access Point and then attempt to associate. In effect, no authentication occurs. Subsequently, WEP keys can be used for encrypting data frames. At this point, the client must have the correct keys.

In Shared Key authentication, the WEP key is used for authentication in a four-step challenge-response handshake:

  1. The client sends an authentication request to the Access Point.
  2. The Access Point replies with a clear-text challenge.
  3. The client encrypts the challenge-text using the configured WEP key and sends it back in another authentication request.
  4. The Access Point decrypts the response. If this matches the challenge text, the Access Point sends back a positive reply.

After the authentication and association, the pre-shared WEP key is also used for encrypting the data frames using RC4.

At first glance, it might seem as though Shared Key authentication is more secure than Open System authentication since the latter offers no real authentication. However, it is quite the reverse. It is possible to derive the keystream used for the handshake by capturing the challenge frames in Shared Key authentication.[13] Therefore, data can be more easily intercepted and decrypted with Shared Key authentication than with Open System authentication. If privacy is a primary concern, it is more advisable to use Open System authentication for WEP authentication, rather than Shared Key authentication; however, this also means that any WLAN client can connect to the AP. (Both authentication mechanisms are weak; Shared Key WEP is deprecated in favor of WPA/WPA2.)

Weak security

Further information: Fluhrer, Mantin and Shamir attack

Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5,000 packets.

In August 2001, Scott Fluhrer, Itsik Mantin, and Adi Shamir published a cryptanalysis of WEP[14] that exploits the way the RC4 ciphers and IV are used in WEP, resulting in a passive attack that can recover the RC4 key after eavesdropping on the network. Depending on the amount of network traffic, and thus the number of packets available for inspection, a successful key recovery could take as little as one minute. If an insufficient number of packets are being sent, there are ways for an attacker to send packets on the network and thereby stimulate reply packets, which can then be inspected to find the key. The attack was soon implemented, and automated tools have since been released. It is possible to perform the attack with a personal computer, off-the-shelf hardware, and freely available software such as aircrack-ng to crack any WEP key in minutes.

Cam-Winget et al.[15] surveyed a variety of shortcomings in WEP. They wrote "Experiments in the field show that, with proper equipment, it is practical to eavesdrop on WEP-protected networks from distances of a mile or more from the target." They also reported two generic weaknesses:

  • the use of WEP was optional, resulting in many installations never even activating it, and
  • by default, WEP relies on a single shared key among users, which leads to practical problems in handling compromises, which often leads to ignoring compromises.

In 2005, a group from the U.S. Federal Bureau of Investigation gave a demonstration where they cracked a WEP-protected network in three minutes using publicly available tools.[16] Andreas Klein presented another analysis of the RC4 stream cipher. Klein showed that there are more correlations between the RC4 keystream and the key than the ones found by Fluhrer, Mantin, and Shamir which can additionally be used to break WEP in WEP-like usage modes.

In 2006, Bittau, Handley, and Lackey showed[2] that the 802.11 protocol itself can be used against WEP to enable earlier attacks that were previously thought impractical. After eavesdropping a single packet, an attacker can rapidly bootstrap to be able to transmit arbitrary data. The eavesdropped packet can then be decrypted one byte at a time (by transmitting about 128 packets per byte to decrypt) to discover the local network IP addresses. Finally, if the 802.11 network is connected to the Internet, the attacker can use 802.11 fragmentation to replay eavesdropped packets while crafting a new IP header onto them. The access point can then be used to decrypt these packets and relay them on to a buddy on the Internet, allowing real-time decryption of WEP traffic within a minute of eavesdropping the first packet.

In 2007, Erik Tews, Andrei Pychkine, and Ralf-Philipp Weinmann were able to extend Klein's 2005 attack and optimize it for usage against WEP. With the new attack[17] it is possible to recover a 104-bit WEP key with a probability of 50% using only 40,000 captured packets. For 60,000 available data packets, the success probability is about 80%, and for 85,000 data packets, about 95%. Using active techniques like Wi-Fi deauthentication attacks and ARP re-injection, 40,000 packets can be captured in less than one minute under good conditions. The actual computation takes about 3 seconds and 3 MB of main memory on a Pentium-M 1.7 GHz and can additionally be optimized for devices with slower CPUs. The same attack can be used for 40-bit keys with an even higher success probability.

In 2008 the Payment Card Industry (PCI) Security Standards Council updated the Data Security Standard (DSS) to prohibit use of WEP as part of any credit-card processing after 30 June 2010, and prohibit any new system from being installed that uses WEP after 31 March 2009. The use of WEP contributed to the TJ Maxx parent company network invasion.[18]

Caffe Latte attack

The Caffe Latte attack is another way to defeat WEP. It is not necessary for the attacker to be in the area of the network using this exploit. By using a process that targets the Windows wireless stack, it is possible to obtain the WEP key from a remote client.[19] By sending a flood of encrypted ARP requests, the assailant takes advantage of the shared key authentication and the message modification flaws in 802.11 WEP. The attacker uses the ARP responses to obtain the WEP key in less than 6 minutes.[20]

Remedies

Use of encrypted tunneling protocols (e.g., IPSec, Secure Shell) can provide secure data transmission over an insecure network. However, replacements for WEP have been developed with the goal of restoring security to the wireless network itself.

802.11i (WPA and WPA2)

The recommended solution to WEP security problems[21] is to switch to WPA2. WPA was an intermediate solution for hardware that could not support WPA2. Both WPA and WPA2 are much more secure than WEP.[22] To add support for WPA or WPA2, some old Wi-Fi access points might need to be replaced or have their firmware upgraded. WPA was designed as an interim software-implementable solution for WEP that could forestall immediate deployment of new hardware.[23] However, TKIP (the basis of WPA) has reached the end of its designed lifetime, has been partially broken, and had been officially deprecated with the release of the 802.11-2012 standard.[24]

Implemented non-standard fixes

WEP2

This stopgap enhancement to WEP was present in some of the early 802.11i drafts. It was implementable on some (not all) hardware not able to handle WPA or WPA2, and extended both the IV and the key values to 128 bits.[7] It was hoped to eliminate the duplicate IV deficiency as well as stop brute force key attacks.

After it became clear that the overall WEP algorithm was deficient (and not just the IV and key sizes) and would require even more fixes, both the WEP2 name and original algorithm were dropped. The two extended key lengths remained in what eventually became WPA's TKIP.

WEPplus

WEPplus, also known as WEP+, is a proprietary enhancement to WEP by Agere Systems (formerly a subsidiary of Lucent Technologies) that enhances WEP security by avoiding "weak IVs".[25] It is only completely effective when WEPplus is used at both ends of the wireless connection. As this cannot easily be enforced, it remains a serious limitation. It also does not necessarily prevent replay attacks, and is ineffective against later statistical attacks that do not rely on weak IVs.

Dynamic WEP

Dynamic WEP refers to the combination of 802.1x technology and the Extensible Authentication Protocol. Dynamic WEP changes WEP keys dynamically. It is a vendor-specific feature provided by several vendors such as 3Com.

The dynamic change idea made it into 802.11i as part of TKIP, but not for the actual WEP algorithm.

See also

References

  1. ^ IEEE Standard for Information Technology- Telecommunications and Information Exchange Between Systems-Local and Metropolitan Area Networks-Specific Requirements-Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. IEEE STD 802.11-1997. November 1997. pp. 1–445. doi:10.1109/IEEESTD.1997.85951. ISBN 1-55937-935-9.
  2. ^ a b Andrea Bittau; Mark Handley; Joshua Lackey. "The Final Nail in WEP's Coffin" (PDF). Retrieved 2008-03-16. {{cite journal}}: Cite journal requires |journal= (help)
  3. ^ (Press release). RSA Security. 2007-06-14. Archived from the original on 2008-02-02. Retrieved 2007-12-28.
  4. ^ . Archived from the original on April 17, 2008. Retrieved 2008-03-11. -- See article at the Wayback Machine
  5. ^ "SolutionBase: 802.11g vs. 802.11b". techrepublic.com. 19 August 2004.
  6. ^ Fitzpatrick, Jason (September 21, 2016). "The Difference Between WEP, WPA and WPA2 Wi-Fi Passwords". How to Geek. Retrieved November 2, 2018.
  7. ^ a b "WEP2, Credibility Zero". starkrealities.com. Retrieved 2008-03-16.
  8. ^ Harwood, Mike (29 June 2009). "Securing Wireless Networks". CompTIA Network+ N10-004 Exam Prep. Pearson IT Certification. p. 287. ISBN 978-0-7897-3795-3. Retrieved 9 July 2016. WEP is an IEEE standard introduced in 1997, designed to secure 802.11 networks.
  9. ^ Walker, Jesse. (PDF). Rutgers WINLAB. Intel Corporation. Archived from the original (PDF) on 9 July 2016. Retrieved 9 July 2016. IEEE Std 802.11-1997 (802.11a) defined Wired Equivalent Privacy (WEP).
  10. ^ . informit.com. Archived from the original on 2013-05-16. Retrieved 2008-03-16.
  11. ^ "An Inductive Chosen Plaintext Attack against WEP/WEP2". cs.umd.edu. Retrieved 2008-03-16.
  12. ^ (PDF). 2004. Archived from the original (PDF) on 2007-11-29. Retrieved 2007-12-18.
  13. ^ Nikita Borisov, Ian Goldberg, David Wagner. "Intercepting Mobile Communications: The Insecurity of 802.11" (PDF). Retrieved 2006-09-12. {{cite journal}}: Cite journal requires |journal= (help)CS1 maint: multiple names: authors list (link)
  14. ^ Fluhrer, Scott; Mantin, Itsik; Shamir, Adi (2001). "Weaknesses in the Key Scheduling Algorithm of RC4" (PDF).
  15. ^ Cam-Winget, Nancy; Housley, Russ; Wagner, David; Walker, Jesse (May 2003). "Security Flaws in 802.11 Data Link Procotols" (PDF). Communications of the ACM. 46 (5): 35–39. doi:10.1145/769800.769823. S2CID 3132937.
  16. ^ "Wireless Features". www.smallnetbuilder.com.
  17. ^ Tews, Erik; Weinmann, Ralf-Philipp; Pyshkin, Andrei. "Breaking 104 bit WEP in less than 60 seconds" (PDF).
  18. ^ Greenemeier, Larry (May 9, 2007). "T.J. Maxx data theft likely due to wireless 'wardriving'". Information Week. Retrieved September 3, 2012.
  19. ^ Lisa Phifer. "The Caffe Latte Attack: How It Works—and How to Block It". wi-fiplanet.com. Retrieved 2008-03-21.
  20. ^ "Caffe Latte with a Free Topping of Cracked WEP: Retrieving WEP Keys from Road-Warriors". Retrieved 2008-03-21.
  21. ^ "List of WEP (Wired Equivalent Privacy) Problems". TECH HYME. 2022-03-07. Retrieved 2022-03-17.{{cite web}}: CS1 maint: url-status (link)
  22. ^ . networkmagazineindia.com. Archived from the original on 2008-03-24. Retrieved 2008-03-16.
  23. ^ "WIRELESS NETWORK SECURITY" (PDF). Proxim Wireless. Retrieved 2008-03-16. {{cite journal}}: Cite journal requires |journal= (help)
  24. ^ "802.11mb Issues List v12" (excel). 20 Jan 2009. p. CID 98. The use of TKIP is deprecated. The TKIP algorithm is unsuitable for the purposes of this standard
  25. ^ "Agere Systems is First to Solve Wireless LAN Wired Equivalent Privacy Security Issue; New Software Prevents Creation of Weak WEP Keys". Business Wire. 2001-11-12. Retrieved 2008-03-16.

External links

  • The Evolution of 802.11 Wireless Security, by Kevin Benton, April 18th 2010 2016-03-02 at the Wayback Machine

January 20, 2023
wired, equivalent, privacy, security, algorithm, wireless, networks, introduced, part, original, ieee, standard, ratified, 1997, intention, provide, data, confidentiality, comparable, that, traditional, wired, network, recognizable, hexadecimal, digits, bits, . Wired Equivalent Privacy WEP was a security algorithm for 802 11 wireless networks Introduced as part of the original IEEE 802 11 standard ratified in 1997 its intention was to provide data confidentiality comparable to that of a traditional wired network 1 WEP recognizable by its key of 10 or 26 hexadecimal digits 40 or 104 bits was at one time widely used and was often the first security choice presented to users by router configuration tools 2 3 In 2003 the Wi Fi Alliance announced that WEP had been superseded by Wi Fi Protected Access WPA In 2004 with the ratification of the full 802 11i standard i e WPA2 the IEEE declared that both WEP 40 and WEP 104 have been deprecated 4 WEP was the only encryption protocol available to 802 11a and 802 11b devices built before the WPA standard which was available for 802 11g devices However some 802 11b devices were later provided with firmware or software updates to enable WPA and newer devices had it built in 5 Contents 1 History 2 Encryption details 3 Authentication 4 Weak security 4 1 Caffe Latte attack 5 Remedies 5 1 802 11i WPA and WPA2 5 2 Implemented non standard fixes 5 2 1 WEP2 5 2 2 WEPplus 5 2 3 Dynamic WEP 6 See also 7 References 8 External linksHistory EditWEP was ratified as a Wi Fi security standard in 1999 The first versions of WEP were not particularly strong even for the time they were released due to U S restrictions on the export of various cryptographic technology These restrictions led to manufacturers restricting their devices to only 64 bit encryption When the restrictions were lifted the encryption was increased to 128 bit Despite the introduction of 256 bit WEP 128 bit remains one of the most common implementations 6 Encryption details EditWEP was included as the privacy component of the original IEEE 802 11 7 standard ratified in 1997 8 9 WEP uses the stream cipher RC4 for confidentiality 10 and the CRC 32 checksum for integrity 11 It was deprecated in 2004 and is documented in the current standard 12 Basic WEP encryption RC4 keystream XORed with plaintext Standard 64 bit WEP uses a 40 bit key also known as WEP 40 which is concatenated with a 24 bit initialization vector IV to form the RC4 key At the time that the original WEP standard was drafted the U S Government s export restrictions on cryptographic technology limited the key size Once the restrictions were lifted manufacturers of access points implemented an extended 128 bit WEP protocol using a 104 bit key size WEP 104 A 64 bit WEP key is usually entered as a string of 10 hexadecimal base 16 characters 0 9 and A F Each character represents 4 bits 10 digits of 4 bits each gives 40 bits adding the 24 bit IV produces the complete 64 bit WEP key 4 bits 10 24 bits IV 64 bits of WEP key Most devices also allow the user to enter the key as 5 ASCII characters 0 9 a z A Z each of which is turned into 8 bits using the character s byte value in ASCII 8 bits 5 24 bits IV 64 bits of WEP key however this restricts each byte to be a printable ASCII character which is only a small fraction of possible byte values greatly reducing the space of possible keys A 128 bit WEP key is usually entered as a string of 26 hexadecimal characters 26 digits of 4 bits each gives 104 bits adding the 24 bit IV produces the complete 128 bit WEP key 4 bits 26 24 bits IV 128 bits of WEP key Most devices also allow the user to enter it as 13 ASCII characters 8 bits 13 24 bits IV 128 bits of WEP key 152 bit and 256 bit WEP systems are available from some vendors As with the other WEP variants 24 bits of that is for the IV leaving 128 or 232 bits for actual protection These 128 or 232 bits are typically entered as 32 or 58 hexadecimal characters 4 bits 32 24 bits IV 152 bits of WEP key 4 bits 58 24 bits IV 256 bits of WEP key Most devices also allow the user to enter it as 16 or 29 ASCII characters 8 bits 16 24 bits IV 152 bits of WEP key 8 bits 29 24 bits IV 256 bits of WEP key Authentication EditTwo methods of authentication can be used with WEP Open System authentication and Shared Key authentication In Open System authentication the WLAN client does not provide its credentials to the Access Point during authentication Any client can authenticate with the Access Point and then attempt to associate In effect no authentication occurs Subsequently WEP keys can be used for encrypting data frames At this point the client must have the correct keys In Shared Key authentication the WEP key is used for authentication in a four step challenge response handshake The client sends an authentication request to the Access Point The Access Point replies with a clear text challenge The client encrypts the challenge text using the configured WEP key and sends it back in another authentication request The Access Point decrypts the response If this matches the challenge text the Access Point sends back a positive reply After the authentication and association the pre shared WEP key is also used for encrypting the data frames using RC4 At first glance it might seem as though Shared Key authentication is more secure than Open System authentication since the latter offers no real authentication However it is quite the reverse It is possible to derive the keystream used for the handshake by capturing the challenge frames in Shared Key authentication 13 Therefore data can be more easily intercepted and decrypted with Shared Key authentication than with Open System authentication If privacy is a primary concern it is more advisable to use Open System authentication for WEP authentication rather than Shared Key authentication however this also means that any WLAN client can connect to the AP Both authentication mechanisms are weak Shared Key WEP is deprecated in favor of WPA WPA2 Weak security EditFurther information Fluhrer Mantin and Shamir attack Because RC4 is a stream cipher the same traffic key must never be used twice The purpose of an IV which is transmitted as plain text is to prevent any repetition but a 24 bit IV is not long enough to ensure this on a busy network The way the IV was used also opened WEP to a related key attack For a 24 bit IV there is a 50 probability the same IV will repeat after 5 000 packets In August 2001 Scott Fluhrer Itsik Mantin and Adi Shamir published a cryptanalysis of WEP 14 that exploits the way the RC4 ciphers and IV are used in WEP resulting in a passive attack that can recover the RC4 key after eavesdropping on the network Depending on the amount of network traffic and thus the number of packets available for inspection a successful key recovery could take as little as one minute If an insufficient number of packets are being sent there are ways for an attacker to send packets on the network and thereby stimulate reply packets which can then be inspected to find the key The attack was soon implemented and automated tools have since been released It is possible to perform the attack with a personal computer off the shelf hardware and freely available software such as aircrack ng to crack any WEP key in minutes Cam Winget et al 15 surveyed a variety of shortcomings in WEP They wrote Experiments in the field show that with proper equipment it is practical to eavesdrop on WEP protected networks from distances of a mile or more from the target They also reported two generic weaknesses the use of WEP was optional resulting in many installations never even activating it and by default WEP relies on a single shared key among users which leads to practical problems in handling compromises which often leads to ignoring compromises In 2005 a group from the U S Federal Bureau of Investigation gave a demonstration where they cracked a WEP protected network in three minutes using publicly available tools 16 Andreas Klein presented another analysis of the RC4 stream cipher Klein showed that there are more correlations between the RC4 keystream and the key than the ones found by Fluhrer Mantin and Shamir which can additionally be used to break WEP in WEP like usage modes In 2006 Bittau Handley and Lackey showed 2 that the 802 11 protocol itself can be used against WEP to enable earlier attacks that were previously thought impractical After eavesdropping a single packet an attacker can rapidly bootstrap to be able to transmit arbitrary data The eavesdropped packet can then be decrypted one byte at a time by transmitting about 128 packets per byte to decrypt to discover the local network IP addresses Finally if the 802 11 network is connected to the Internet the attacker can use 802 11 fragmentation to replay eavesdropped packets while crafting a new IP header onto them The access point can then be used to decrypt these packets and relay them on to a buddy on the Internet allowing real time decryption of WEP traffic within a minute of eavesdropping the first packet In 2007 Erik Tews Andrei Pychkine and Ralf Philipp Weinmann were able to extend Klein s 2005 attack and optimize it for usage against WEP With the new attack 17 it is possible to recover a 104 bit WEP key with a probability of 50 using only 40 000 captured packets For 60 000 available data packets the success probability is about 80 and for 85 000 data packets about 95 Using active techniques like Wi Fi deauthentication attacks and ARP re injection 40 000 packets can be captured in less than one minute under good conditions The actual computation takes about 3 seconds and 3 MB of main memory on a Pentium M 1 7 GHz and can additionally be optimized for devices with slower CPUs The same attack can be used for 40 bit keys with an even higher success probability In 2008 the Payment Card Industry PCI Security Standards Council updated the Data Security Standard DSS to prohibit use of WEP as part of any credit card processing after 30 June 2010 and prohibit any new system from being installed that uses WEP after 31 March 2009 The use of WEP contributed to the TJ Maxx parent company network invasion 18 Caffe Latte attack Edit The Caffe Latte attack is another way to defeat WEP It is not necessary for the attacker to be in the area of the network using this exploit By using a process that targets the Windows wireless stack it is possible to obtain the WEP key from a remote client 19 By sending a flood of encrypted ARP requests the assailant takes advantage of the shared key authentication and the message modification flaws in 802 11 WEP The attacker uses the ARP responses to obtain the WEP key in less than 6 minutes 20 Remedies EditUse of encrypted tunneling protocols e g IPSec Secure Shell can provide secure data transmission over an insecure network However replacements for WEP have been developed with the goal of restoring security to the wireless network itself 802 11i WPA and WPA2 Edit The recommended solution to WEP security problems 21 is to switch to WPA2 WPA was an intermediate solution for hardware that could not support WPA2 Both WPA and WPA2 are much more secure than WEP 22 To add support for WPA or WPA2 some old Wi Fi access points might need to be replaced or have their firmware upgraded WPA was designed as an interim software implementable solution for WEP that could forestall immediate deployment of new hardware 23 However TKIP the basis of WPA has reached the end of its designed lifetime has been partially broken and had been officially deprecated with the release of the 802 11 2012 standard 24 Implemented non standard fixes Edit WEP2 Edit This stopgap enhancement to WEP was present in some of the early 802 11i drafts It was implementable on some not all hardware not able to handle WPA or WPA2 and extended both the IV and the key values to 128 bits 7 It was hoped to eliminate the duplicate IV deficiency as well as stop brute force key attacks After it became clear that the overall WEP algorithm was deficient and not just the IV and key sizes and would require even more fixes both the WEP2 name and original algorithm were dropped The two extended key lengths remained in what eventually became WPA s TKIP WEPplus Edit WEPplus also known as WEP is a proprietary enhancement to WEP by Agere Systems formerly a subsidiary of Lucent Technologies that enhances WEP security by avoiding weak IVs 25 It is only completely effective when WEPplus is used at both ends of the wireless connection As this cannot easily be enforced it remains a serious limitation It also does not necessarily prevent replay attacks and is ineffective against later statistical attacks that do not rely on weak IVs Dynamic WEP Edit Dynamic WEP refers to the combination of 802 1x technology and the Extensible Authentication Protocol Dynamic WEP changes WEP keys dynamically It is a vendor specific feature provided by several vendors such as 3Com The dynamic change idea made it into 802 11i as part of TKIP but not for the actual WEP algorithm See also EditStream cipher attacks Wireless security Wi Fi Protected AccessReferences Edit IEEE Standard for Information Technology Telecommunications and Information Exchange Between Systems Local and Metropolitan Area Networks Specific Requirements Part 11 Wireless LAN Medium Access Control MAC and Physical Layer PHY Specifications IEEE STD 802 11 1997 November 1997 pp 1 445 doi 10 1109 IEEESTD 1997 85951 ISBN 1 55937 935 9 a b Andrea Bittau Mark Handley Joshua Lackey The Final Nail in WEP s Coffin PDF Retrieved 2008 03 16 a href Template Cite journal html title Template Cite journal cite journal a Cite journal requires journal help Wireless Adoption Leaps Ahead Advanced Encryption Gains Ground in the Post WEP Era Press release RSA Security 2007 06 14 Archived from the original on 2008 02 02 Retrieved 2007 12 28 What is a WEP key Archived from the original on April 17 2008 Retrieved 2008 03 11 See article at the Wayback Machine SolutionBase 802 11g vs 802 11b techrepublic com 19 August 2004 Fitzpatrick Jason September 21 2016 The Difference Between WEP WPA and WPA2 Wi Fi Passwords How to Geek Retrieved November 2 2018 a b WEP2 Credibility Zero starkrealities com Retrieved 2008 03 16 Harwood Mike 29 June 2009 Securing Wireless Networks CompTIA Network N10 004 Exam Prep Pearson IT Certification p 287 ISBN 978 0 7897 3795 3 Retrieved 9 July 2016 WEP is an IEEE standard introduced in 1997 designed to secure 802 11 networks Walker Jesse A History of 802 11 Security PDF Rutgers WINLAB Intel Corporation Archived from the original PDF on 9 July 2016 Retrieved 9 July 2016 IEEE Std 802 11 1997 802 11a defined Wired Equivalent Privacy WEP WPA Part 2 Weak IV s informit com Archived from the original on 2013 05 16 Retrieved 2008 03 16 An Inductive Chosen Plaintext Attack against WEP WEP2 cs umd edu Retrieved 2008 03 16 IEEE 802 11i 2004 Medium Access Control MAC Security Enhancements PDF 2004 Archived from the original PDF on 2007 11 29 Retrieved 2007 12 18 Nikita Borisov Ian Goldberg David Wagner Intercepting Mobile Communications The Insecurity of 802 11 PDF Retrieved 2006 09 12 a href Template Cite journal html title Template Cite journal cite journal a Cite journal requires journal help CS1 maint multiple names authors list link Fluhrer Scott Mantin Itsik Shamir Adi 2001 Weaknesses in the Key Scheduling Algorithm of RC4 PDF Cam Winget Nancy Housley Russ Wagner David Walker Jesse May 2003 Security Flaws in 802 11 Data Link Procotols PDF Communications of the ACM 46 5 35 39 doi 10 1145 769800 769823 S2CID 3132937 Wireless Features www smallnetbuilder com Tews Erik Weinmann Ralf Philipp Pyshkin Andrei Breaking 104 bit WEP in less than 60 seconds PDF Greenemeier Larry May 9 2007 T J Maxx data theft likely due to wireless wardriving Information Week Retrieved September 3 2012 Lisa Phifer The Caffe Latte Attack How It Works and How to Block It wi fiplanet com Retrieved 2008 03 21 Caffe Latte with a Free Topping of Cracked WEP Retrieving WEP Keys from Road Warriors Retrieved 2008 03 21 List of WEP Wired Equivalent Privacy Problems TECH HYME 2022 03 07 Retrieved 2022 03 17 a href Template Cite web html title Template Cite web cite web a CS1 maint url status link 802 11b Update Stepping Up Your WLAN Security networkmagazineindia com Archived from the original on 2008 03 24 Retrieved 2008 03 16 WIRELESS NETWORK SECURITY PDF Proxim Wireless Retrieved 2008 03 16 a href Template Cite journal html title Template Cite journal cite journal a Cite journal requires journal help 802 11mb Issues List v12 excel 20 Jan 2009 p CID 98 The use of TKIP is deprecated The TKIP algorithm is unsuitable for the purposes of this standard Agere Systems is First to Solve Wireless LAN Wired Equivalent Privacy Security Issue New Software Prevents Creation of Weak WEP Keys Business Wire 2001 11 12 Retrieved 2008 03 16 External links EditThe Evolution of 802 11 Wireless Security by Kevin Benton April 18th 2010 Archived 2016 03 02 at the Wayback Machine Retrieved from https en wikipedia org w index php title Wired Equivalent Privacy amp oldid 1109956342, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.