11

I want to know more about how WEP (Wired Equivalent Privacy) protocol for wireless security. From this Wikipedia article I have got a basic Idea. But what is the initialize vector? Is some kind of token sent for each request? Or is the connecting device authenticated only once in the beginning or some kind of token sent for each request (equivalent to cookies for authentication in Gmail, Yahoo, etc.)?

I have tried to set up WEP security for my Wi-Fi. As per instructions from my ISP, I did the following:

Network Authentication - Open
WEP Encryption         - Enabled
Current Network Key    -1
Encryption Key         -64 bit
Network Key 1          -abcdefghij (10 characters)
Network Key 2          -
Network Key 3          -
Network Key 4          -

What are these network keys?

Matthew
  • 27,233
  • 7
  • 87
  • 101
Ashwin
  • 1,607
  • 3
  • 18
  • 25
  • 6
    You should not be using WEP, If you modem does not support WPA or WPA2 ask your ISP to provide you one that does, WEP SHOULD NOT BE USED because of the possability of the trivial task of breaking the encryption and logging into your wireless network. – Ramhound Jul 20 '12 at 15:46
  • 1
    Agreed. WEP is deprecated by the IEEE, which means that your ISP is basically going against what the IEEE says you should do. Furthermore, it can leave them in an interesting legal position should your network connection be used for illegal purposes, since they prevented you from securing your network to a reasonable level. – Polynomial Jul 20 '12 at 15:48

3 Answers3

22

The initialization vector in WEP is a 24-bit random value that is used to seed the RC4 algorithm.

RC4 is a stream cipher. This means that for each bit of plaintext, it produces one bit of keystream and xors the two, to generate the ciphertext. The keystream is simply a stream of random numbers, generated from the RC4 algorithm.

In the most basic operation of a stream cipher, the algorithm is seeded with a key, such that the same key will always produce the same stream of random numbers. Since both the client and server know the key, they can produce the same keysteam. This allows the client to xor the plaintext with the keystream to produce the ciphertext, and the server to xor the ciphertext with the keystream to produce the plaintext again.

RC4 (WEP) stream cipher diagram

The problem with this is that a key is only a few tens of bits long, but the plaintext may be gigabytes. After a large number of bits have been produced by RC4, the random numbers become predictable, and may even loop back round to the start. This is obviously undesirable, because a known plaintext attack would be able to compute the keystream (c1 xor c2 = k) and use it to decrypt new messages.

In order to solve this problem, an IV was introduced to complement the seed. The IV is a random 24-bit value that changed periodically, in an attempt to prevent re-use of the keystream. Unfortunately, 24 bits is quite small, and the IV often wasn't generated in an unpredictable way, allowing attackers to guess future IVs and use them to deduce the key.

Further attacks involved actively injecting packets into the network, tricking the access point into issuing lots of new IVs, which allowed attackers to crack WEP in minutes or seconds.

Further reading:

Mike Ounsworth
  • 57,707
  • 21
  • 150
  • 207
Polynomial
  • 132,208
  • 43
  • 298
  • 379
  • 1
    how do both the parties agree on a IV value? one more question, ho authentication takes place? Is that also encrypted? – Ashwin Jul 20 '12 at 15:12
  • The IV is sent in the clear. Authentication is a challenge-response, as described [here](http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy#Authentication). – Polynomial Jul 20 '12 at 15:23
  • The RC4 keystream does not "become predictable" after many gigabytes of data are produced. In fact, it's the beginning which is the most predictable. The only time many encryptions is harmful is if you are encrypting the same plaintext many times with the same key, which allows biases to eventually reveal the plaintext. – forest Mar 07 '18 at 03:01
3

You shouldn't use WEP, it's completely insecure and will offer you no protection.

WEP uses RC4 to encrypt the data. Since RC4 is a stream cipher, you can't reuse the key, therefore the RC4 key is built concatenating the WEP key with the IV (which changes with each network packet).

For 64-bit WEP, the key is made with 24 bits from the IV and 40 bits from the WEP key, which results in a 5-letter ascii password or 10 hexadecimal characters. For 128-bit WEP, it is 104 bit WEP key (13 ascii characters) and 24 bits from the IV.

One of the huge flaws of WEP is that the IVs aren't unique and will end repeating over time in a busy network, due to its limited size.

Don't use WEP, use WPA instead.

Zzz
  • 756
  • 5
  • 9
2

To hide patterns in encrypted data while avoiding the re-issuing of a new key after each block cipher invocation a method is needed to randomize the input data.

That "method ... needed to randomize the input data" is initialized with a random value called the Initialization vector (aka IV).

WEP used a short IV (24-bits, to be exact), essentially nullifying its security,

The 802.11 encryption algorithm called WEP (short for Wired Equivalent Privacy) used a short, 24-bit IV, leading to reused IVs with the same key, which led to it being easily cracked. Packet injection allowed for WEP to be cracked in times as short as several seconds. This ultimately led to the deprecation of WEP.

Both quotes from the Initialization vector Wikipedia article.

chao-mu
  • 2,801
  • 18
  • 22