Wired Equivalent Privacy: Difference between revisions

From Citizendium
Jump to navigation Jump to search
imported>Sandy Harris
(New page: The '''Wired Equivalent Privacy''' or '''WEP''' protocol is a security system used in wireless networking. WEP generates keys for different connections by concatenating a connection-speci...)
 
imported>Sandy Harris
No edit summary
Line 1: Line 1:
The '''Wired Equivalent Privacy''' or '''WEP''' protocol is a security system used in wireless networking.
The '''Wired Equivalent Privacy''' or '''WEP''' protocol was the original encryption system used in IEEE 802.11 [[wireless networking]]. It is now deprecated in favour of the newer system [[WPA]], but WEP is still quite widely deployed.


WEP generates keys for different connections by concatenating a connection-specific intialisation value with another secret value, and this creates a vulnerability. It can be broken by a [[related key attack]]. See for example, "Breaking 104 bit WEP in less than 60 seconds"<ref>{{cite paper
Some argue that the name itself indicates a fundamental design error. Why should a wireless security system be designed for only "wired equivalent" privacy, only as secure as ethernet?
 
A number of serious flaws have been found in the WEP system
<ref{{citation
| title = Security of the WEP algorithm
| author = Nikita Borisov, Ian Goldberg, and David Wagner
| url = http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html
}}</ref>.
 
WEP generates keys for different connections by concatenating a connection-specific intialisation value with another secret value, and this creates a vulnerability. It can be broken by a [[related key attack]]
<ref>{{citation
| title = Breaking 104 bit WEP in less than 60 seconds
| title = Breaking 104 bit WEP in less than 60 seconds
| author = Erik Tews, Ralf-Philipp Weinmann and Andrei Pyshkin
| author = Erik Tews, Ralf-Philipp Weinmann and Andrei Pyshkin

Revision as of 01:43, 8 February 2010

The Wired Equivalent Privacy or WEP protocol was the original encryption system used in IEEE 802.11 wireless networking. It is now deprecated in favour of the newer system WPA, but WEP is still quite widely deployed.

Some argue that the name itself indicates a fundamental design error. Why should a wireless security system be designed for only "wired equivalent" privacy, only as secure as ethernet?

A number of serious flaws have been found in the WEP system <refNikita Borisov, Ian Goldberg, and David Wagner, Security of the WEP algorithm</ref>.

WEP generates keys for different connections by concatenating a connection-specific intialisation value with another secret value, and this creates a vulnerability. It can be broken by a related key attack [1].

References

  1. Erik Tews, Ralf-Philipp Weinmann and Andrei Pyshkin (2007), Breaking 104 bit WEP in less than 60 seconds