Contents

WEP

Network Security 356 words 2 minutes
Updated on 2022-09-24

WEP(Wired Equivalent Privacy) is the wireless security protocol using RC4 algorithm.

Wired Equivalent Privacy (WEP) is a security protocol and encryption algorithm that secures wireless and Wi-Fi networks. This is not preferred today because of its vulnerabilities thats why its also called Worst Ever Privacy

Important components of WEP are

  • Initialization Vector (IV)
  • KEY (Password)
  • RC4
  • Key Stream

So to encrypt each packet WEP uses the RC4 algorithm which generates a keystream that is used to encrypt the package.

Keystream XOR “plain data to encrypt” = CipherText

Remember the keystream is generated using RC4 algorithm.

RC4 uses Initialization Vector (IV) + KEY(Password) to make a keystream which gonna encrypt the package. The reason IV is used here because if RC4 uses the Key only then all the packets gonna have the same keystream which is not good.

So in order to generate a different keystream for each packet IV is introduced.

WEP Working

So Initializing vector nothing but a random 24bit number produced so that every packet has unique keystream to decrypt it.

  1. IV + KEY (Password) –> RC4 –> keystream

    • IV + KEY is also known as seed (64/128 bit)
    • Seed is converted to keystream using RC4 algorithm

  2. Keystream xor “data to send to the router” = Cipher Text

    • Data is encrypted using simple XOR function

    Using Keystream to generate CypherText

  3. Packet is sent to the router and now the packet contains two components

    • IV (initialization vector)
    • Cypher Text

Packet

IV is added to the packet because AP (Access Point) only have the pre shared KEY (password). AP doesn’t know which random number (IV) is used with the KEY to generate the Keystream.

Ap cannot simply decrypt the package using the KEY only because the packet’s encryption key (keystream) is generated using a random number (IV)

  1. So router gets this random number (IV) from the packet, generate the keystream (encryption key) using the same RC4 algorithm 
IV (Obtained from the packet) + KEY(Password) --> RC4 --> Keystream

Now AP can use this key stream to decrypt data
  1. Decryption: 
    Keystream . XOR . "Cypher Text" = "Plain Text"

    Decrypting Packet

Комментарии