Securing Wireless LANs (WEP)

Securing Wireless LANs (WEP)

Wired Equivalent Protocol (WEP) is a data link level security protocol prescribed by 802.11 standards. It is first and widely used security choice offered in routers for users. It is secured as wired network but less in comparison to WPA2 (Wi-Fi Protected Access 2). It is recognized with 10 or 26 hexadecimal digits.

The 802.11 standard prescribes a data link level security protocol called WEP (Wired Equivalent Privacy), which is designed to make the security of a wireless LAN as good as that of a wired LAN. When 802.11 security is enabled, each station has a secret key shared with the base station. How the keys are distributed is not specified by the standard.

WEP Algorithm is Used to (WEP features):

1. Protect wireless communication from eavesdropping (secretly listening to the private conversation of others without their consent)
2. Prevent unauthorized access to wireless network

Goals of WEP:

1. Access Control
2. Data Integrity
3. Confidentiality

• WEP relies on a secret key which is shared between the sender and the receiver.
• Sender: Mobile station (e.g.: laptop with wireless Ethernet)
• Receiver: Access Point (e.g.: base station)
• Secret Key is used to encrypt packets before they are transmitted. Integrity check is used to ensure packet are not modified in transit. WEP encryption uses a stream cipher based on the Ron's Code 4 (RC4) algorithm. RC4 was designed by Ronald Rivest and kept secret until it leaked out and was posted to the Internet in 1994. In WEP, RC4 generates a key stream that is XORed with the plaintext to form the cipher text.
• WEP Encryption

Encryption details:

1. Uses RC4 algorithm for confidentiality and CRC-32 checksum for integrity.
2. Standard 64-bit WEP uses a 40 bit key which is concatenated with a 24-bit initialization vector (IV) to form the RC4 key.
3. The key size was limited before but now it is extended as 128-bit WEP using 104-bit key size.

Decryption Details:

At the receiver side, cipher text is X0Red with keystream to obtain the plain text.

1. 64-bit WEP key is usually entered as a string 10 hexadecimal character.
2. Each character represents four bits, 10 digits of four bits each gives 40 bits & adding 24 bits IV gives 64 bits WEP key.
3. A 128-bit WEP key is usually entered as a string of 26 hexadecimal characters.
4. 26 digits of four bits each give 104 bits and adding the 24-bit IV produces the complete key.

References:

1. A.S. Tanenbaum, “Computer Networks”, 3rd Edition, Prentice Hall India, 1997.
2. W. Stallings, “Data and Computer Communication”, Macmillan Press, 1989.
3. Kurose Ross, “Computer Networking: A top-down approach”, 2nd Edition, Pearson Education
4. Larry L. Peterson, Bruce S. Davie, “Computer Networks: A Systems Approach”, 3rd Edition, Morgan Kaufmann Publishers