Wired Equivalent Privacy: Difference between revisions
imported>Sandy Harris mNo edit summary |
imported>Sandy Harris No edit summary |
||
| Line 1: | Line 1: | ||
The '''Wired Equivalent Privacy''' or '''WEP''' protocol was the original encryption system used in IEEE 802.11 [[wireless networking]]. It is now deprecated in favour of the newer system [[Wi-Fi_Protected_Access]] or | The '''Wired Equivalent Privacy''' or '''WEP''' protocol was the original encryption system used in IEEE 802.11 [[wireless networking]]. It is now deprecated in favour of the newer system [[Wi-Fi_Protected_Access]] or WPA, but WEP is still quite widely deployed. | ||
Some argue that the name itself indicates a fundamental design error. Why should a wireless security system be designed for only "wired equivalent" privacy, only as secure as ethernet? Clearly, the requirements are different. If any machine plugged into your wired network can sniff your traffic, that may or may not be problematic. If any machine that joins your wireless network can, that is certainly a problem. The counter-argument would be that, since WEP controls who can join the network, this is not a problem. | Some argue that the name itself indicates a fundamental design error. Why should a wireless security system be designed for only "wired equivalent" privacy, only as secure as ethernet? Clearly, the requirements are different. If any machine plugged into your wired network can sniff your traffic, that may or may not be problematic. If any machine that joins your wireless network can, that is certainly a problem. The counter-argument would be that, since WEP controls who can join the network, this is not a problem. | ||
Revision as of 02:57, 8 February 2010
The Wired Equivalent Privacy or WEP protocol was the original encryption system used in IEEE 802.11 wireless networking. It is now deprecated in favour of the newer system Wi-Fi_Protected_Access or WPA, but WEP is still quite widely deployed.
Some argue that the name itself indicates a fundamental design error. Why should a wireless security system be designed for only "wired equivalent" privacy, only as secure as ethernet? Clearly, the requirements are different. If any machine plugged into your wired network can sniff your traffic, that may or may not be problematic. If any machine that joins your wireless network can, that is certainly a problem. The counter-argument would be that, since WEP controls who can join the network, this is not a problem.
A number of serious flaws have been found in the WEP system [1].
WEP generates keys for different connections by concatenating a connection-specific intialisation value with another secret value, and this creates a vulnerability. It can be broken by a related key attack [2].
References
- ↑ Nikita Borisov, Ian Goldberg, and David Wagner, Security of the WEP algorithm
- ↑ Erik Tews, Ralf-Philipp Weinmann and Andrei Pyshkin (2007), Breaking 104 bit WEP in less than 60 seconds