Skip to main content

5. Gaining Access - WEP Cracking

Basics

  • WEP means: Wired Equvalent Privacy
  • It's an old encryption
  • Uses an algorythm called RC4
  • Still used in some networks
  • Can be cracked easily

How Encryption works

  • Each Package is encrypted via a unique Keystream
  • Random Initialization Vector (IV) is used to generate the Keystreams
  • The IV is only 24 bits
  • IV + (password) Key = keystream

WEP Cracking

  • IV is too small (24bits)
  • IV is sent in plain text

Weakness

  • IV's will repeat on busy networks
  • This will make WEP vulnerable to statistical attacks
  • Repeated IV's can be used to determine the Keystream
  • And break the encryption

Because the router already knows the (password) Key WLAN devices just need to send the IV

Back to top