WEP AND WPA - PowerPoint PPT Presentation

Slides: 16
Provided by: MOON7
Learn more at: http://www.cs.sjsu.edu
Transcript and Presenter's Notes


1
WEP AND WPA by Kunmun Garabadu
2
Wireless LAN
  • Hot Spot: A hotspot is a readily available
    wireless connection.
  • Access Point: It serves as the communication
    hub so that a wireless device can gain access
    to a cabled network.
  • Client
  • Router
  • Ethernet Cabling

3
  • Wireless Network Security vs Wired Network
    Security
  • Wireless Security Protocols
  • Wired Equivalent Privacy (WEP)
  • Wi-Fi Protected Access (WPA)

4
Why WEP?
  • WEP implements part of the IEEE 802.11
    standards. It was designed to protect networks
    from eavesdropping. Another function is to
    prevent unauthorised access to the network.
  • It operates at the data-link and physical layers.
  • It does not provide end-to-end security.
  • It uses RC4 encryption, which is a symmetric
    stream cipher, to provide confidentiality.
  • It uses 64 bit or 128 bit key encryption.
  • It uses a 24 bit initialisation vector (IV)
    which is randomly generated. It is used to
    augment the shared secret key and produce a
    different keystream for each packet.
  • It uses a CRC-32 checksum for data integrity
    check and this is part of the encrypted payload.

5
  • Encryption is performed at the Access Point (AP)
    as follows:
  • The Integrity Check Value (ICV) is computed
  • The encryption key is selected
  • The Initialisation Vector (IV) is generated
    using a pseudo random generator
  • The IV is appended to the key and the keystream
    is generated
  • The ICV is concatenated with the payload and then
    XORed with the generated keystream
  • The AP sends the IV, key number and cipher text
    to the client

6
Encryption Process
7
  • Decryption at the client
  • Uses key number to get private key
  • Uses the sent IV to generate key stream
  • XORs the text that was received with the key
    stream
  • Computes ICV on payload
  • If the new ICV matches the sent ICV the packet is
    authenticated
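
The encryption and decryption steps from slides 5 and 7 as a round trip, added here as an example and not taken from the presentation. The key table `KEYS`, the function names and the ICV byte order are assumptions of the example; the RC4 seed is built as the IV followed by the shared key, as 802.11 does.

```python
import os
import zlib

# Constructed sample key table: key number -> 40-bit shared secret.
KEYS = [bytes.fromhex("0102030405")]

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for key."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                         # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(keys, key_id, payload, iv=None):
    """AP side: returns what goes on the air (IV, key number, ciphertext)."""
    iv = os.urandom(3) if iv is None else iv            # 24-bit IV, sent in clear
    icv = zlib.crc32(payload).to_bytes(4, "little")     # ICV = CRC-32 of payload
    plain = payload + icv                               # ICV rides inside the ciphertext
    stream = rc4(iv + keys[key_id], len(plain))         # per-packet seed: IV, then key
    return iv, key_id, xor(plain, stream)

def wep_decrypt(keys, iv, key_id, ciphertext):
    """Client side: rebuild the keystream from the sent IV, then check the ICV."""
    plain = xor(ciphertext, rc4(iv + keys[key_id], len(ciphertext)))
    payload, icv = plain[:-4], plain[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return payload

def same_iv_xor(keys, key_id, iv, p1, p2):
    """XOR of two ciphertexts made with one IV; the keystream cancels out."""
    c1 = wep_encrypt(keys, key_id, p1, iv)[2]
    c2 = wep_encrypt(keys, key_id, p2, iv)[2]
    return xor(c1, c2)

if __name__ == "__main__":
    iv, kid, ct = wep_encrypt(KEYS, 0, b"constructed sample payload")
    print(iv.hex(), kid, ct.hex(), wep_decrypt(KEYS, iv, kid, ct))
```

The only per-packet input is the 24 bit IV, so two frames that share an IV and key share a keystream, which is why `same_iv_xor` returns the XOR of the two plaintexts.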

8
Decryption Process
9
WEP's vulnerabilities
  • Short and static key: Actual keyspace is 40
    bits or 104 bits.
  • No easy way to exchange and distribute keys. Key
    change involves manually changing the key on
    each AP and client.
  • Simple ASCII key strings are used as keys. Easy
    to crack by hackers.
  • IV is sent out in clear text, usually at the
    start of the packet.
  • IV collision: If the IV appears twice (assuming
    it is used with the same cipher key) it is known
    as a collision.
  • The keystream is repeated every 2^24 packets.
    This could be intercepted in a very short period
    of time on high traffic wireless networks. An
    attacker can then recover the plaintext.

10
  • No mutual authentication. The client does not
    authenticate the access point. This opens up the
    possibility of a man-in-the-middle type attack.
  • CRC-32 is linear. If the message is manipulated,
    the checksum can also be manipulated by a
    malicious user.
  • Table Attack: A significant amount of traffic
    can be generated. A table of keystream/IV pairs
    can be created. The keystream can be obtained by
    XORing the plain text with the cipher text.
    This does not yield the key but can give
    decrypted data as long as an IV/keystream pair
    exists for each packet.

11
  • Passive Attack to Decrypt Traffic: A passive
    eavesdropper can snoop all packets until an IV
    collision occurs. Two packets having the same IV
    can be XORed to obtain the XOR of the two
    plain-text messages. This XOR can be used to
    infer the contents of the packets. IP traffic is
    sometimes quite redundant. Educated guesses can
    be made to statistically reduce the possibilities
    of messages. Sometimes it is possible to get to
    the exact messages.
  • Active Attack to Inject Traffic: An attacker
    who gets to know the exact plain text of one
    encrypted message correctly can use it to
    construct another encrypted message:
    RC4(X) xor X xor Y = RC4(Y). The attacker flips
    bits in the encrypted message to change the
    contents, adjusts the CRC and sends it to the
    destination.
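
Why the CRC-32 ICV cannot act as an integrity check, shown beside a keyed message integrity code of the kind WPA introduces. This is an added example, not part of the presentation; the sample values and function names are constructed, and HMAC-SHA256 stands in for a keyed MIC (it is not Michael).

```python
import hashlib
import hmac
import zlib

# Constructed sample data for the comparison.
MSG = b"constructed sample payload"
DELTA = bytes(len(MSG) - 1) + b"\x01"      # change only the lowest bit of the last byte
MIC_KEY = b"constructed-demo-key"

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crc_after_xor(old_crc: int, delta: bytes) -> int:
    """CRC-32 of (msg XOR delta) from crc32(msg) alone; msg is never read.

    CRC-32 is affine over XOR for equal-length inputs:
    crc(a ^ b) == crc(a) ^ crc(b) ^ crc(00..00)
    """
    return old_crc ^ zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))

def crc_accepts_modified(msg: bytes, delta: bytes) -> bool:
    """Does an unkeyed CRC check still pass on msg XOR delta?"""
    adjusted = crc_after_xor(zlib.crc32(msg), delta)
    return adjusted == zlib.crc32(xor(msg, delta))

def keyed_mic_accepts_modified(key: bytes, msg: bytes, delta: bytes) -> bool:
    """Same experiment against a keyed MIC: combining tags by XOR."""
    def tag(m: bytes) -> bytes:
        return hmac.new(key, m, hashlib.sha256).digest()
    # Generous setup: the tags of delta and of zeros are computed with the
    # key, which an outsider would not hold. The result still fails.
    adjusted = xor(xor(tag(msg), tag(delta)), tag(bytes(len(delta))))
    return hmac.compare_digest(adjusted, tag(xor(msg, delta)))

if __name__ == "__main__":
    print("CRC-32 check passes after modification:", crc_accepts_modified(MSG, DELTA))
    print("Keyed MIC passes after modification:  ",
          keyed_mic_accepts_modified(MIC_KEY, MSG, DELTA))
```

Because WEP encrypts by XOR with the keystream, the same relation holds on the encrypted ICV, so the check needs a secret key to detect changes to a frame.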

12
  • Active Attack to Change Header: An attacker can
    get to the contents of the header, especially the
    IP destination, and can change the IP address to
    a machine he controls. The port address can also
    be changed.
  • WEP provides a minimum level of security in small
    network environments.

13
WPA: Wi-Fi Protected Access
Why WPA?
It was created to patch the security issues of WEP.
14
  • WPA implements a subset of the 802.11i
    standards. It was started as a temporary measure
    to replace WEP while 802.11i was being fully
    prepared.
  • It uses the Temporal Key Integrity Protocol
    (TKIP), which provides for changing keys
    dynamically. It replaces WEP without the need to
    replace legacy hardware. It encrypts every data
    packet with a unique key. It hashes the IV and
    the IV goes out encrypted. It is defined in the
    802.11i spec.
  • It can work with pre-shared keys as well as use
    802.1X authentication.
  • It uses the RC4 stream cipher with a 128 bit key
    and a 48 bit IV.
  • The longer key and IV together defeat the key
    recovery attacks on WEP.

15
  • It uses a solution called Michael, which is a
    Message Integrity Check (MIC), to address the
    problem of the checksum being corrupted. It uses
    a 32 bit Integrity Check Value (ICV). This is
    inserted after payload and before IV.
  • The MIC includes a frame counter which helps to
    prevent replay attacks.
  • WPA2 is the implementation of IEEE 802.11i. It
    implements all mandatory features specified in
    the standard.

By increasing the key size, number of keys and by
providing a more secure message verification
system WPA adds security to a wireless
network. WPA can be used for providing more
robust security in corporate environments