In: Categories » Electronics and communication » Wireless and mobile computing » Wireless Privacy Protocols ~ WEP detailed
|
The Wired Equivalent Privacy protocol is incorporated as part of the IEEE 802.11b protocol. Actually, the standard only calls for 40-bit WEP, but almost all vendors offer up to 128-bit WEP. To secure data, WEP uses the RC4 algorithm to encrypt the packets of information as they are sent out from the access point or wireless network card. This is the same algorithm used in many other Internet applications that require security, such as Secure Sockets Layer (SSL). SSL is the most common protocol used by online stores to encrypt customer information sent over the Internet. This reduces the risk of a hacker sniffing the customer's credit card information off the wire and adds a layer of protection to the transaction process. RC4 is a secure algorithm, and should remain so for several years to come. However, in this case it is the specific wireless implementation of the RC4 algorithm with respect to the initialization vector that is at fault. In general, it is difficult to correctly implement strong cryptography. Even if a vendor implements a cipher that is known to be very strong, many times the implementation can weaken the cipher or make it ineffective. Implementation oversights could be as simple as insecure key storage, poor random number generation, or flaws in key generation routines. All of these functions may comprise a cipher without actually being part of the cipher itself. The cipher is at the mercy of these outside functions, and can thus be circumvented or weakened by flaws in those dependencies. As you will learn, implementation oversights in WEP include a small IV space (IV collisions), large amounts of known plaintext in IP traffic, IV weaknesses, no key exchange/management mechanisms (which leads to the same shared key for all users), very weak packet integrity protection (CRC32), lack of replay protection, and a flawed authentication system. Items not addressed by the 802.11 WEP definitions, such as IV incrementing, also lead to problems with WEP implementations. Most implementations start IV counters at zero upon card initialization, and IV collisions between nodes is very common when users boot in the morning.
|
legal disclaimer
1) Our website is not responsible for the information contained by this article as well for any and all copyright infringements by authors and writers. E-articles is a free information resource. If you suspect this article for any copyright infringements, please read the Terms of service and contact us to investigate the problem.
2) The E-articles directory team is not responsible for inaccuracies, falsehoods, or any other types of misinformation this tutorial may contain and will not be liable for any loss or damage suffered by a user through the user's reliance on the information gained here. Please read the Terms of service
Useful tools and features
If you like this article (tutorial), please link to it from your web page using the information above. Linking to this page, this is the only way to help us improve our service, the same time providing your visitors with a way to improve their online experience.
related articles
Despite the prevalence of standards committees in the wireless industry, there is no single unifying standard. It is important for enterprises to consider all the aspects involved in mobile support while contemplating a strategy for mobile e-commerce. Some of the key criteria in choosing a wireless network specification include: Average size of transfers Number of devices in the wireless network Others Range of transmission Secur...
2. Wireless Attacks ~ War Driving
When a surveillance attack is either impossible or too difficult, war driving is an effective alternative. In many situations, war driving follows and adds information to a prior surveillance attack. Conversely, the information obtained from random war driving often leads to a surveillance attack on a discovered location. The term war driving is borrowed from the 1980s phone hacking tactic known as war dialing. War dialing involves dialing all the phone numbers in a given sequence to search for modems. In fact, this method of ...
3. How To Get Photo Quality Prints
There are a variety of ways to get photo-quality prints from your digital images. You can make them yourself with a printer at home, or have a photo finisher do the work for you. Many camera stores offer photo finishing from digital images. Simply take in your memory card, order the prints, and pick them up the next day. This service is now available in most drugstore chains, too—instead of dropping off a roll of film while running your errands, you leave them your memory card instead. You can also order prints throu...
4. Wireless Attacks ~ Rogue Access Points
Rogue access points are those connected to a network without planning or permission from the network administrator. For example, we know one administrator in Dallas who just did his first wireless security scan (war driving) on his eight-building office campus. To his surprise, he found over thirty access points. Worse, only four of them had authorization to be connected to the network. Needless to say, heads rolled. Rogue access points are becoming a major headache in the security industry. With the price of low-end ac...
There are various wireless communication protocols. These technologies range in scope from long distance WLANs to one-meter IrDA devices. Each of these technologies has its niche, as well as its attendant strengths and weaknesses. For example, WLANs enable the transmission of data up to several hundred feet, but often require manual configuration changes that are difficult to implement. On the other hand, IrDA permits a seamless connection between devices without the need for extra configuration. However, their usability is de...
6. Wireless Network Protocols ~ Understanding HomeRF and IrDA
About the same time WECA approved the 802.11 standard, several other types of wireless technologies were being introduced. Although a few have made a rather impressive niche in the Personal Area Network (PAN) market, the only other WLAN technology that came close to competing with 802.11 was HomeRF. Using the Shared Wireless Access Protocol (SWAP), HomeRF merges the 802.11 FHSS standard with the six voice channels based on Digital Enhanced Cordless Telecommunications (DECT). In other words, the home network included both ...
7. WLAN Broadcasting ~ MiniStumbler ~ a wireless network scanner
MiniStumbler is a very user-friendly wireless network scanner that listens for beacon signals coming from open and broadcasting WLANs. In addition, this program will provide a plethora of information that makes it very useful for both hackers and the security professionals. As you will see, MiniStumbler might be small, but it packs a load of power in its functionality. Installing MiniStumbler MiniStumbler is a basic one-file program that simply needs to be downloaded, unzipped, and placed in the My Documents sha...
8. How To Present a Digital Slideshow
Slideshows are an age-old photographic tradition. Digital cameras make it easier than ever to present your images to many people at once. Most digicams have a "video out" capability that lets you connect your camera directly to a television for playback on a large screen. If your camera has this functionality, it most likely has a slideshow mode that allows you to choose images that are stored on the memory card and present them on the television in timed intervals. All you have to do is turn on the stereo for some ba...
9. Concerns for Mobile Enterprises
Although it is one thing for organizations to keep up with the latest industry trends, making it happen in everyday life is a totally different story. The following are some of the key concerns of enterprises that are contemplating a mobile e-commerce strategy: Security: Wireless networks are very easy to break into and difficult to monitor. Your enterprise assets must be protected. Management: Effective management of the components that make up a mobile enterprise, all the way from servers to the ...