Page Content

Tutorials

Load more

What Is The Wired Equivalent Privacy WEP And How It Works

CCNA
Agarapu Geetha
Author: Agarapu Geetha
4 min.read

Wired Equivalent Privacy WEP

Wired Equivalent Privacy WEP
Wired Equivalent Privacy WEP

An outdated security technique created for 802.11 wireless networks (Wi-Fi) is called Wired Equivalent Privacy (WEP). One of the earliest and most popular Wi-Fi security standards was this one.

The initial IEEE 802.11 standard, which was approved in 1997, had WEP. The term “Wired Equivalent Privacy” refers to its main objective, which was to offer data security and confidentiality on par with what would be anticipated from a conventional wired network. In September 1999, WEP was formally approved as a Wi-Fi security standard.

Also Read About What Is A Wireless LAN Controller WLC In Networking?

How It Works?

WEP uses an encryption key to offer wireless security.

  1. Encryption Algorithm

The RC4 stream cypher is used by WEP to protect the secrecy of data. Since RC4 is a symmetric-stream cypher, data is encrypted at the sender and decrypted at the recipient using the same key.

  1. WEP Keys and Key Management

WEP encrypts and decrypts data sent over a network using a shared secret key.

  • Key Composition: One encryption key per wireless frame is derived from the WEP key, which is a string of bits. An Initialisation Vector (IV) is concatenated with a secret key part to create the key.
  • Key Lengths: Due to initial export restrictions on cryptographic technology from the United States, WEP generally used two major key sizes:
    • 64-bit WEP (WEP-40): Makes use of a 24-bit IV and a 40-bit key. Typically, ten hexadecimal characters are used to enter this.
    • A 104-bit key and a 24-bit IV are used in 128-bit WEP (WEP-104). Usually, 26 hexadecimal characters are used to enter this.
    • Static Key: WEP has a single, static shared key that is used for all communication and needs to be manually configured on every device.
  1. Initialization Vector (IV)

The whole RC4 key stream is created by concatenating the encryption key with the 24-bit IV. The IV is designed to assist in avoiding keystream duplication. But, in addition to the encrypted data packet, the IV is sent unencrypted (as plaintext).

  1. Data Integrity

WEP ensures that data is intact and hasn’t been altered at its destination by using the CRC-32 (Cyclic Redundancy Check) checksum technique.

  1. Authentication Methods

WEP allows wireless clients to be authenticated through two methods:

  • Open System Authentication (OSA): The client tries to connect using the correct WEP key for data encryption later on, without supplying credentials during authentication.
  • Shared Key Authentication (SKA): A four-step challenge-response procedure in which an access point sends a challenge text that is encrypted using the WEP key. Authentication is successful if the decrypted response is identical to the original challenge text.

Also Read About What Is Wi-Fi Eavesdropping, The Threat Of Network Snooping?

Drawbacks and Obsolescence

Due to serious design problems, WEP became widely insecure and eventually deprecated. In 2001, security flaws were revealed, demonstrating that easily accessible software could swiftly decipher encrypted data.

WEP’s main vulnerabilities are as follows:

Weak Encryption technique: The RC4 technique is no longer regarded as secure due to known cryptographic flaws.

Short Initialisation Vector (IV): Particularly on a busy network, the 24-bit IV is much too short to ensure uniqueness. The stream cypher is susceptible to attack since the same traffic key is reused as a result of this repetition (IV collision). There is a 50% chance of IV recurrence after roughly 5,000 packets.

IV Sent in Plaintext: Attackers can more easily exploit the RC4 key stream and passively extract the secret RC4 key because the IV is sent unencrypted. In just a few minutes, attackers may crack WEP keys.

Weak Data Integrity Check: The CRC-32 checksum is a linear function that is easily exploitable, making it a weak data integrity check. WEP is ineffective in preventing unauthorised data modification because an attacker can alter the encrypted data and recalculate the right CRC value without knowing the encryption key.

Problems with Static Shared Keys: Using a single shared key for all users complicates key management and significantly raises the danger of a compromised key.

Authentication flaw: Because an attacker can determine the keystream used for the handshake by recording the challenge-response frames, shared key authentication is actually less secure than open system authentication.

Deprecation and Successors

It is currently highly discouraged to use WEP because of these serious vulnerabilities.

  • In 2003, the Wi-Fi Alliance unveiled Wi-Fi Protected Access (WPA), a temporary substitute for WEP.
  • When the IEEE ratified the 802.11i standard in 2004, it formally deemed WEP-40 and WEP-104 obsolete.
  • Following WPA, the more secure WPA2 (based on the 802.11i standard) and then WPA3 addressed the core shortcomings of WEP by offering better integrity checks, dynamic key management, and stronger encryption.

Vendors proposed non-standard patches like WEP2 and WEPplus, but they were deemed insecure or were never extensively used. Making the switch from WEP to WPA2 or WPA3 is seen to be essential for guaranteeing a safe wifi setting.

Also Read About Advantages and Disadvantages of Ethernet, Wi-Fi VS Ethernet

Previous article
How Data Encryption Standard Works and Key Characteristics
Next article
What Is OSPFv2 Open Shortest Path First Version 2 In Network
Agarapu Geetha
Agarapu Geetha
My name is Agarapu Geetha, a B.Com graduate with a strong passion for technology and innovation. I work as a content writer at Govindhtech, where I dedicate myself to exploring and publishing the latest updates in the world of tech.

About Us 

Contact Us

Privacy Polacy

Disclaimer

© G Solutions

Index