Imran Zaheer

WEP(Wired Equivalent Privacy)

WEP(Wired Equivalent Privacy)

Imran Zaheer's photo
Imran Zaheer
·

2 min read

Table of contents

WEP(Wired Equivalent Privacy) is the wireless security protocol using the RC4 algorithm.

Wired Equivalent Privacy (WEP) is a security protocol and encryption algorithm that secures wireless and Wi-Fi networks. This is not preferred today because of its vulnerabilities that's why its also called Worst Ever Privacy

WEP

Important components of WEP are

  • Initialization Vector (IV)
  • KEY (Password)
  • RC4
  • Key Stream

So to encrypt each packet WEP uses the RC4 algorithm which generates a keystream that is used to encrypt the package.

Keystream XOR “plain data to encrypt” = CipherText

Remember the keystream is generated using the RC4 algorithm.

RC4

RC4 uses Initialization Vector (IV) + KEY(Password) to make a keystream that gonna encrypt the package. The reason IV is used here is that if RC4 uses the Key only then all the packets gonna have the same keystream which is not good.

So in order to generate a different keystream for each packet IV is introduced.

WEP Working

So Initializing vector nothing but a random 24bit number is produced so that every packet has a unique keystream to decrypt it.

Device Side

  1. IV + KEY (Password) → RC4 → keystream IV + KEY is also known as seed (64/128 bit)
    Seed is converted to keystream using the RC4 algorithm
  2. Keystream xor “data to send to the router” = Cipher Text
    -    Data is encrypted using a simple XOR function

Using Keystream to generate CypherText

  1. The packet is sent to the router and now the packet contains two components
    IV (initialization vector)
    Cypher Text

Packet

IV is added to the packet because AP (Access Point) only has the pre-shared KEY (password). AP doesn’t know which random number (IV) is used with the KEY to generating the Keystream.

Access Point (AP) Side

Ap cannot simply decrypt the package using the KEY only because the packet’s encryption key (keystream) is generated using a random number (IV).

  1. So router gets this random number (IV) from the packet, generates the keystream (encryption key) using the same RC4 algorithm
IV (Obtained from the packet) + KEY(Password) --> RC4 --> Keystream

Now AP can use this key stream to decrypt data

Keystream . XOR . “Cypher Text” = “Plain Text”

Decrypting Packet

Originally published at theundersurfers.netlify.app

SecuritywifiWEPwireless security