Wired Equivalent Privacy (WEP): The first ‘confidentiality’ algorithm for the wireless IEEE standard. PRESENTED BY: Samuel Grush and Barry Preston
WEP Components 1) Secret Key and Plaintext 2) Initialization Vector (IV) 3) RC4 Stream Cipher 1) Key Scheduling Algorithm (KSA) Seeded by IV+Secret Key Passes 'State' Array to PRGA 2) Pseudo-Random Generation Algorithm (PRGA) Uses 'State' Array to generate a keystream, while also mixing the Array. 4) Plaintext is combined with its checksum. 5) Bitwise-XOR [when encrypting] Plaintext is bitwise-XOR'd with keystream data to generate cyphertext. KSAPRGA Packet ciphertext IV XOR CRC-32 ICV Seed plaintext Secret Key Initialization Vector (IV)
WEP Decryption CRC-32 Seed KSA PRGAPacket ciphertext IV Secret Key XOR plaintext Received ICV ≟
Key Scheduling Algorithm
Pseudo-Random Generation Algorithm
Weaknesses The Initialization Vector (IV) 24-bit length limits the IV's entropy to 2² ⁴, or about 16.7 million combinations. ● Certain characters in the header are known or can be predicted, leading to a lessened effective entropy. ● The 'Shared Key' authentication system of WEP exposes the beginning of the keystream.