Wired equivalent privacy (wep)
akruthik
1,956 views
29 slides
Nov 20, 2016
Slide 1 of 29
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
About This Presentation
WEP
Slide Content
Wired Equivalent Privacy (WEP)
Cryptographic Background to WEP WEP Cryptographic Operations Problems with WEP Dynamic WEP Contents
Guarding against traffic interception is the domain of cryptographic protocols. two most commonly cited informal security objectives are maintaining the secrecy of network data and ensuring it has not been tampered with. Initially ,WEP was the answer for wireless security. WEP has many flaws, but better than nothing (very simple) WEP
WEP requires the use of the RC4 cipher (A stream cipher ) A stream cipher uses a stream of bits, called the keystream . The keystream is then combined with the message to produce the ciphertext . To recover the original message, the receiver processes the ciphertext with an identical keystream . Cryptographic Background to WEP
Keyed stream cipher operation Most stream ciphers operate by taking a relatively short secret key and expanding it into a pseudorandom keystream the same length as the message. The pseudorandom number generator (PRNG) is a set of rules used to expand the key into a keystream. Cryptographic Background to WEP
Cryptographic Background to WEP Stream Cipher Security A totally random keystream is called a one-time pad and is the only known encryption scheme that is mathematically proven to protect against certain types of attacks. One-time pads are not commonly used ,since keystream must be perfectly random the same length as the data it can never be reused.
WEP Cryptographic Operations 3 major objectives of security Confidentiality : protection against interception by unauthorized parties. provided by encryption Integrity : make sure data has not been modified. provided by integrity check sequence Authentication and authorization finding out who the user is . WEP uses 802.1x. whether the access operation is allowed WEP attempts to meet all these objectives
WEP Cryptographic Operations Confidentiality and integrity are handled simultaneously in WEP WEP Data Processing
WEP Cryptographic Operations WEP Data Processing As input, WEP requires three items: The payload to be protected A secret key, used in frame encryption. WEP allows four keys to be stored simultaneously. An initialization vector, used along with the secret key in frame transmission. After processing, WEP has a single output: An encrypted frame, ready for transmission over an untrusted network with enough information to enable decryption at the remote end.
WEP Cryptographic Operations WEP key length The only key length present in the standard is a 64-bit WEP seed 40 bits are shared, IV-24 bits 128-bit WEP seed 104 bits are a kept secret One vendor even offers the option of using 256-bit secret keys WEP, however, is not a well-designed cryptographic system, and the extra bits in the key buy you very little
WEP Cryptographic Operations Types of WEP keys Two types of WEP keys Default keys (broadcast keys) Key mapping keys(unicast keys )
WEP Cryptographic Operations Each mobile device can have its own key value for unicast frame. All users share a single default key . The AP can operate with default keys and key mapping keys simultaneously; When the AP receives a frame (or wants to send one), it looks in the key table to see whether there is an entry corresponding to the MAC address of the mobile. If it finds an entry, it uses it. If not, it uses the default key instead. Key Mapping Keys
WEP Cryptographic Operations WEP uses two key distribution schemes: Static WEP. Administrators distribute single default key manually Manual Key updates . WEP without any key distribution mechanism is often called manual WEP or static WEP . uses same key for all frames transmitted by every station Static WEP is supported by Many low-power devices such as 802.11 phones, handheld bar code scanners, and even some PDAs. Manual (static) versus automatic (dynamic) WEP
WEP Cryptographic Operations Dynamic WEP The encryption keys used by the clients are distributed using key encryption keys derived from strong authentication protocols . In this case, each station uses two keys. mapping key , shared between the station and access point, used to protect unicast frames. default key, shared by all stations in the same service set, that protects broadcast and multicast frames. Manual (static) versus automatic (dynamic) WEP
WEP Cryptographic Operations Dynamic WEP advantages Keys are used less often and protects less traffic. A ttackers have much less data to work for each key, making attacks more time-consuming. At periodic intervals, the keys can be refreshed by the access point. Manual (static) versus automatic (dynamic) WEP
WEP Cryptographic Operations WEP key numbering and storage
WEP Cryptographic Operations WEP key numbering and storage
Problems with WEP Cryptographic Properties of RC4 RC4 is remarkably simple to implement and considered to be very strong if used in the right way. The basic idea behind RC4 encryption is to generate a pseudorandom sequence of bytes called the key stream that is then combined with the data using an exclusive OR (XOR) operation
Problems with WEP
Problems with WEP Cryptographic Properties of RC4
Problems with WEP Cryptographic Properties of RC4 Major weakness in any stream cipher - Reuse of the keystream XOR of the two encrypted packets is equivalent to the XOR of the two plaintext packets By analyzing differences between the two streams in conjunction with the structure of the frame body, attackers can learn about the contents of the plaintext frames themselves
Problems with WEP Cryptographic Properties of RC4 To help prevent the reuse of the keystream , WEP uses the IV to encrypt different packets with different RC4 keys. However, the IV is part of the packet header and is not encrypted .
Problems with WEP Cryptographic Properties of RC4 If IV’s repeat, confidentiality is at risk If we send two ciphertexts ( C , C’ ) using the same IV , then the xor of plaintexts leaks ( P P’ = C C’ ), which might reveal both plaintexts Lesson: If RC4 isn’t used carefully, it becomes insecure IV, P RC4(K, IV) IV, P’ RC4(K, IV)
Problems with WEP Cryptographic Properties of RC4 WEP uses CRC for integrity check but CRC is not cryptographically secure. With CRC it is easy to predict how changing a single bit will affect the result of the CRC calculation.
Design Flaws of the WEP System
Design Flaws of the WEP System As standardized, static WEP offers a shared secret of only 40 bits. WEP's use of the IV tips off an attacker to the reuse of a keystream . IV space is quite small so repetitions are guaranteed on busy networks Two frames that share the same IV almost certainly use the same secret key and keystream .
Design Flaws of the WEP System Infrequent rekeying allows attackers to have Decryption dictionaries large collections of frames encrypted with the same key streams As more frames with the same IV pile up, more information is available about the unencrypted frames even if the secret key is not recovered
Design Flaws of the WEP System WEP uses a CRC for the integrity check. Although the value of the integrity check is encrypted by the RC4 keystream, CRCs are not cryptographically secure. Use of a weak integrity check does not prevent determined attackers from transparently modifying frames.
Design Flaws of the WEP System
Tags
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 1,956
- Slides 29
- Favorites 2
- Age 3297 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
44 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
44 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
21
Know for Certain
DaveSinNM
19 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views