WEP vulnerabilities -- wired equivalent privacy?


Lee Barken
01.14.2004

This article is excerpted from InformIT.


WEP has received an enormous amount of attention in the media as being flawed and broken. As its name implies, WEP was only intended to give wireless users the level of security implied on a wired network (which isn't much). Except in a fully switched environment, all wired traffic is exposed to the risk of eavesdropping (a.k.a., packet sniffing). WEP was not designed to be the end-all, be-all security solution for wireless networks and, as we shall see, WEP has a number of shortcomings, which make it vulnerable to several classes of attacks.

The underlying encryption engine used by WEP is RC4, which is widely used in various Internet protocols including secure Web pages (HTTPS). When it comes to WEP flaws, the problem isn't RC4. The problem is the way that RC4 is implemented. In particular, the implementation of initialization vectors (IVs) is flawed because it allows IVs to be repeated and hence violates the No. 1 rule of RC4: Never, ever reuse a key.

Security researcher Tim Newsham exposed another vulnerability of WEP by demonstrating that the key generator used by many vendors is flawed for 40-bit key generation. Using a typical laptop, he was able to crack a 40-bit key in less than a minute.

Another flaw of WEP, in the key scheduling algorithm, was discovered and detailed in a paper titled "Weaknesses in the Key Scheduling Algorithm of RC4" written by Scott Fluhrer, Itsik Mantin, and Adi Shamir. This weakness, exploited by commonly available tools such as AirSnort, WEPCrack and dweputils, makes it possible to crack WEP keys by analyzing traffic from totally passive data captures. If your network is consistently generating traffic at peak speeds, the WEP key (64 or 128 bit) can be cracked after capturing just a few hours of encrypted data. On a network with minimal activity, this attack could take days or even weeks to capture the requisite traffic. Some packet injection techniques, however, have the ability to artificially flood the network with activity to reduce the amount of time it takes to collect enough packets for an FMS (Fluhrer, Mantin, Shamir) attack. On the other hand, keep in mind that vendors who include weak key avoidance techniques in their firmware (which most do) are not vulnerable to FMS attacks. So, be sure to update your firmware on a periodic basis!

These issues don't make WEP useless; they just mean that you have to be careful about how and when you use it. If you aren't able to implement anything else (such as WPA), and the only thing you have is WEP, then go ahead and use it. If you're in a network with minimal security requirements, WEP may be appropriate.

I recommend using WEP and changing keys on a regular basis, if for no other reason than that it identifies your network as private. Since the 802.11 protocol has no other way to tell the world that they shouldn't be attempting to associate with your AP, using WEP is a first line of defense to keep intruders out, or at least put them on notice that a No Trespassing sign has been posted.


You can read more about WEP's security issues in a more in-depth article from InformIT.

