1 / 10

A History of WEP

A History of WEP. The Ups and Downs of Wireless Security. Wireless Communication Beginnings. Early Cordless Phones and Cell Phones Used same idea as Walkie-Talkies Anyone with a “Scanner” could easily eavesdrop on calls Used a Spread-Spectrum algorithm to defeat the traditional “Scanner”.

marli
Download Presentation

A History of WEP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A History of WEP The Ups and Downs of Wireless Security

  2. Wireless Communication Beginnings • Early Cordless Phones and Cell Phones • Used same idea as Walkie-Talkies • Anyone with a “Scanner” could easily eavesdrop on calls • Used a Spread-Spectrum algorithm to defeat the traditional “Scanner”

  3. The 802.11 Standard • Defines wireless communications protocols • 802.11b, 802.11g, 802.11n common wireless network protocols • Similar to early Cell Phones and Cordless Phones at the start – no real protection • Can easily find out network names and connect to them • Invent of War Driving!

  4. Early Security Attempts • Open Access to Networks – Solution? • Filter the “unique” MAC address of the wireless cards • Problem? • Keep a large list of EVERY network card that can have access • No real authentication or check takes place • MAC addresses can be “spoofed”

  5. Introducing WEP • W.E.P. – Wired Equivalent Privacy • Introduced in September of 1999 • First real attempt at securing open wireless networks • Attempted to make the network as confidential as a traditional wired network • Originally used a 40-bit security key, later expanded to 104-bits, and 232-bits

  6. A Look At WEP • IV – Initialization Vector (24-bits) • Key Selected by User • Combined to create a seed to generate the keystream

  7. All Secured Sir……. • RC4 is a popular cipher used in many security applications • Problem: RC4 is a stream cipher • Keystream cannot be reused or you can get back the message • 24-bit IV has a 50% chance of repeating on a busy network after 5000 IVs generated • Can also capture packets an replay them: poor authentication

  8. Demonstration Time

  9. After WEP • WPA created to use existing hardware • Fixes many of the downfalls of WEP • Not without its own problems • Uses a password to generate keys • Dictionary attack • TKIP Algorithm used has flaws • WPA2 developed to fix WPA • Made before WPA flaw discovered

More Related