Wired Equivalent Privacy: Difference between revisions

From Citizendium
imported>Sandy Harris
No edit summary
m (Text replacement - "{{subpages}}" to "{{PropDel}}<br><br>{{subpages}}")
 
(11 intermediate revisions by one other user not shown)
Line 1: Line 1:
The '''Wired Equivalent Privacy''' or '''WEP''' protocol was the original encryption system used in IEEE 802.11 [[wireless networking]]. It is now deprecated in favour of the newer system [[Wi-Fi_Protected_Access]] or WPA, but WEP is still quite widely deployed.
{{PropDel}}<br><br>{{subpages}}
The '''Wired Equivalent Privacy''' or '''WEP''' protocol was the original encryption system used in IEEE 802.11 [[wireless networking]]. It is still quite widely deployed, but is now deprecated in favour of the newer system [[Wi-Fi Protected Access]] or WPA.


Some argue that the name itself indicates a fundamental design error. Why should a wireless security system be designed for only "wired equivalent" privacy, only as secure as ethernet? Clearly, the requirements are different. If any machine plugged into your wired network can sniff your traffic, that may or may not be problematic. If any machine that joins your wireless network can, that is certainly a problem. The counter-argument would be that, since WEP controls who can join the network, this is not a problem.
Some argue that the name itself indicates a fundamental design error. Why should a wireless security system be designed for only "wired equivalent" privacy, only as secure as ethernet? Clearly, the requirements are different. If any machine plugged into your wired network can sniff your traffic, that may or may not be problematic. If any machine that joins your wireless network can, that is certainly a problem. The counter-argument would be that, since WEP controls who can join the network, this is not a problem.


A number of serious flaws have been found in the WEP system
A number of very serious flaws have been found in the WEP system. "Wired Equivalent Privacy (WEP) isn't."
<ref>{{citation
<ref name=WEP.FAQ>{{citation
| title = Security of the WEP algorithm
| title = Security of the WEP algorithm
| author = Nikita Borisov, Ian Goldberg, and David Wagner
| author = Nikita Borisov, Ian Goldberg, and David Wagner
| url = http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
| url = http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
}}</ref>.
}}</ref> '''The system is completely broken.'''


WEP generates keys for different connections by concatenating a connection-specific intialisation value with another secret value, and this creates a vulnerability. It can be broken by a [[related key attack]]
WEP is often cited as an example showing that protocols designed in secret, ignoring [[Kerckhoffs' Principle]], are often of low quality. "These attacks point to the importance of inviting public review from people with expertise in cryptographic protocol design; had this been done, the problems stated here would have surely been avoided." <ref name=WEP.FAQ />
 
WEP generates keys for different connections by concatenating a connection-specific intialisation value with another secret value, and this creates a vulnerability. It can be broken very quickly by a [[related key attack]]
<ref>{{citation
<ref>{{citation
| title = Breaking 104 bit WEP in less than 60 seconds
| title = Breaking 104 bit WEP in less than 60 seconds
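Review bot: The rewritten key-generation sentence still carries the misspelling "intialisation" from the old revision; since that line is being changed anyway, correct it to "initialisation". The new bolded sentence '''The system is completely broken.''' is also placed after the closing </ref>, so it reads as an unsourced claim; move it ahead of the reference or attach <ref name=WEP.FAQ /> to it.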
Line 17: Line 20:
| url = http://eprint.iacr.org/2007/120}}
| url = http://eprint.iacr.org/2007/120}}
</ref>.
</ref>.
At least one [http://www.tgdaily.com/trendwatch-features/28274-a-wireless-hacking-computer-that-cant-be-hacked custom-built computer] has been created specifically to attack WEP.


== References ==
== References ==
{{reflist|2}}
{{reflist|2}}
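Review bot: The added sentence about the custom-built computer uses a bare inline external link, while every other source in this article is a <ref>{{citation ...}}</ref> entry that appears under {{reflist|2}}; convert it to a citation with a title and URL so it is listed in the References section. "At least one" would also be clearer if the sentence named the machine or its builder as given in the linked article.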

Latest revision as of 04:49, 8 April 2024

This article may be deleted soon.
To oppose or discuss a nomination, please go to CZ:Proposed for deletion and follow the instructions.

For the monthly nomination lists, see
Category:Articles for deletion.


This article is a stub and thus not approved.
This editable Main Article is under development and subject to a disclaimer.

The Wired Equivalent Privacy or WEP protocol was the original encryption system used in IEEE 802.11 wireless networking. It is still quite widely deployed, but is now deprecated in favour of the newer system Wi-Fi Protected Access or WPA.

Some argue that the name itself indicates a fundamental design error. Why should a wireless security system be designed for only "wired equivalent" privacy, only as secure as Ethernet? Clearly, the requirements are different. If any machine plugged into your wired network can sniff your traffic, that may or may not be problematic. If any machine that joins your wireless network can, that is certainly a problem. The counter-argument would be that, since WEP controls who can join the network, this is not a problem.

A number of very serious flaws have been found in the WEP system. "Wired Equivalent Privacy (WEP) isn't." [1] The system is completely broken.

WEP is often cited as an example showing that protocols designed in secret, ignoring Kerckhoffs' Principle, are often of low quality. "These attacks point to the importance of inviting public review from people with expertise in cryptographic protocol design; had this been done, the problems stated here would have surely been avoided." [1]

WEP generates keys for different connections by concatenating a connection-specific initialisation value with another secret value, and this creates a vulnerability. It can be broken very quickly by a related key attack [2].
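The key construction described above, as an added Python example that is not part of the original article: the RC4 key is the public 24-bit initialisation value prepended to the secret, so every key shares the same secret bytes, and a repeated initialisation value repeats the whole keystream. The frame layout is simplified (no key ID byte or 802.11 header) and the secret, IVs and plaintexts are constructed sample values.

```python
import struct
import zlib

def rc4(key: bytes, n: int) -> bytes:
    """Return the first n bytes of RC4 keystream for `key`."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                            # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def packet_key(iv: bytes, secret: bytes) -> bytes:
    """RC4 key = public 3-byte IV || secret; keys differ only in known bytes."""
    return iv + secret

def wep_seal(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Simplified WEP body: IV in clear, then RC4(plaintext || CRC-32 ICV)."""
    body = plaintext + struct.pack("<I", zlib.crc32(plaintext))
    return iv + xor(body, rc4(packet_key(iv, secret), len(body)))

def wep_open(secret: bytes, frame: bytes) -> bytes:
    """Decrypt a frame from wep_seal and check its integrity value."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4(packet_key(iv, secret), len(ct)))
    if struct.pack("<I", zlib.crc32(body[:-4])) != body[-4:]:
        raise ValueError("ICV mismatch")
    return body[:-4]

# Constructed sample values (not from any real network).
SECRET = bytes.fromhex("00112233445566778899aabbcc")   # 104-bit secret
IV_A, IV_B = b"\x01\x02\x03", b"\x01\x02\x04"
P1, P2 = b"GET /index.html", b"POST /login.php"

def reuse_leaks_xor() -> bool:
    """Same IV gives the same keystream: ciphertext XOR equals plaintext XOR."""
    c1, c2 = wep_seal(SECRET, IV_A, P1), wep_seal(SECRET, IV_A, P2)
    return xor(c1[3:3 + len(P1)], c2[3:3 + len(P2)]) == xor(P1, P2)
```
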

At least one custom-built computer has been created specifically to attack WEP.

References

  1. Nikita Borisov, Ian Goldberg, and David Wagner, Security of the WEP algorithm
  2. Erik Tews, Ralf-Philipp Weinmann and Andrei Pyshkin (2007), Breaking 104 bit WEP in less than 60 seconds