ECE 578 Computer Networks and Security
|
Project : WEP Protocol Weaknesses and Vulnerabilities
Abstract:
The popularity of wireless networks is causing many engineers
to analyze weaknesses and vulnerabilities in current wireless protocols.
In the 802.11 standard an optional encryption protocol called Wired
Equivalency Privacy (WEP) is used to make wireless traffic as secure
as wired network traffic. WEP's duty is to encrypt packets and authenticate
wireless LAN adapters. WEP is implemented at the data-link layer on
all Wi-Fi compliant devices. RC4 is used as the encryption algorithm
in WEP, which has been thoroughly analyzed and thought of as secure.
WEP suffers from the following weakness:
- A shared key weakness -
- No per-packet authentication
- Vulnerability to disassociation attacks
- No user identification and authentication
- No central authentication, authorization, and accounting support
- RC4 is vulnerable to known plaintext attacks
- and others
To address these concerns IEEE has replaced WEP with a patch called WSA. These new revisions to the original 802.11 standard will be used in the new version of security protocols 802.11i and 802.1X. Our paper will discuss the weaknesses and vulnerabilities of WEP and solutions to WEP's security concerns. We will comprehensively present many of the known attacks on WEP and provide input to the design of future 802.11 protocols.
