final - CSE 566 - WIRELESS NETWORK SECURITY PROJECT 2...

CSE 566 - WIRELESS NETWORK SECURITY
PROJECT 2 – Cracking WEP

By
(Team 1) Ashish Dhal Pankaj Kumar Yadav
(Team 2) Prakash Nair Sandeepkrishnan Poyyalae Saranya Chundi

INTRODUCTION

Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard. WEP is primarily used to protect wireless communication from eavesdropping. It is also used to prevent unauthorized access to a wireless network. WEP relies on a secret key that is shared between a mobile station (e.g. a laptop with a wireless Ethernet card) and an access point (i.e. a base station). The secret key is used to encrypt packets before they are transmitted, and an integrity check is used to ensure that packets are not modified in transit.

WEP uses the RC4 encryption algorithm, which is known as a stream cipher. A stream cipher operates by expanding a short key into an infinite pseudo-random key stream. The sender XORs the key stream with the plaintext to produce cipher text. The receiver has a copy of the same key, and uses it to generate an identical key stream. XORing the key stream with the cipher text yields the original plaintext.

This mode of operation makes stream ciphers vulnerable to several attacks. If an eavesdropper intercepts two cipher texts encrypted with the same key stream, it is possible to obtain the XOR of the two plaintexts. Knowledge of this XOR can enable statistical attacks to recover the plaintexts. The statistical attacks become increasingly practical as more cipher texts that use the same key stream are known. Once one of the plaintexts becomes known, it is trivial to recover all of the others.

WEP has defenses against these kinds of attacks. To avoid encrypting two cipher texts with the same key stream, an Initialization Vector (IV) is used to augment the shared secret key and produce a different RC4 key for each packet. The IV is also included in the packet. Each packet is encrypted with an RC4 cipher stream generated by a 64-bit RC4 key. This key is composed of a 24-bit initialization vector (IV) and a 40-bit WEP key.
The encrypted packet is generated with a bitwise exclusive OR (XOR) of the original packet and the RC4 stream. The IV is chosen by the sender and can be changed periodically so every packet won't be encrypted with the same cipher stream.

The initialization vector in WEP is a 24-bit field, which is sent in the clear text part of a message. Such a small space of initialization vectors guarantees the reuse of the same key stream. A busy access point, which constantly sends packets at a moderate rate, will exhaust the space of IVs after a certain time span. This allows an attacker to collect two cipher texts that are encrypted with the same key stream and perform statistical attacks to recover the plaintext.

Worse, when the same key is used by all mobile stations, there are even more chances of IV collision. For example, a common wireless card from Lucent resets the IV to 0 each time a card is initialized, and increments the IV by 1 with each packet. This means that two cards inserted at roughly the same time will provide an abundance of IV collisions for an attacker.
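
The following Python sketch is an added illustration, not part of the original report. It builds the per-packet RC4 key as IV || WEP key and shows why a repeated IV is fatal: the key stream cancels out of two cipher texts. The key, IVs and plaintexts are constructed sample values, and the CRC-32 integrity check is omitted for brevity.

```python
# Added illustration (not from the original report): RC4 with WEP-style
# per-packet keys, showing what IV reuse leaks. The CRC-32 ICV is omitted.

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n bytes of RC4 key stream for key."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling (KSA)
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):                        # output generation (PRGA)
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, wep_key: bytes, plaintext: bytes) -> bytes:
    """64-bit RC4 key = 24-bit IV || 40-bit WEP key; the IV is sent in clear."""
    assert len(iv) == 3 and len(wep_key) == 5
    return iv + xor(plaintext, rc4_keystream(iv + wep_key, len(plaintext)))

def demo():
    wep_key = bytes.fromhex("0102030405")     # constructed 40-bit key
    iv = bytes([0, 0, 1])                     # constructed IV, used twice
    p1 = b"GET /index.html "                  # constructed plaintexts
    p2 = b"password=hunter2"
    c1 = wep_encrypt(iv, wep_key, p1)
    c2 = wep_encrypt(iv, wep_key, p2)
    # Same IV => same key stream, so it cancels: C1 xor C2 == P1 xor P2.
    leaked = xor(c1[3:], c2[3:])
    # Knowing one plaintext yields the other without ever touching the key.
    recovered = xor(leaked, p1)
    # A different IV produces an unrelated key stream for the same plaintext.
    c3 = wep_encrypt(bytes([0, 0, 2]), wep_key, p1)
    return leaked == xor(p1, p2), recovered, c3[3:] != c1[3:]

if __name__ == "__main__":
    print(demo())
```

Because the IV is only 24 bits and is visible in every frame, an observer can tell when two frames share a key stream simply by comparing the first three bytes.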

This note was uploaded on 02/16/2011 for the course CSE 566 taught by Professor Dr.shamboo during the Fall '10 term at SUNY Buffalo.
