WEP encryption: How it works and its weakness

Hi there,

First of all sorry for the delay as I was on vacations but finally I am back with a new post.

So I past few posts we talked about MAC address and how to login to a AP which has a MAC filter enabled on it.
So now we will talk about Encryption and How to Crack it.
Our first topic is about WEP encryption.

So lets start:-

WEP is an old encryption but still it is used in many networks to provide data confidentially that's why we are learning how to break it.
WEP stands for Wired Equivalent Privacy. It was designed to provide the data confidentially as compared to the wired networks.


WEP uses a algorithm which is known as the  Rivest Cipher 4 algorithm. RC4 is designed by Ron Rivest of RSA security in 1987.
In RC4 algorithm  data packets is encrypted at AP (access point) and then decrypted at the client. Here what WEP does that it ensures that each packet has its unique keystream by using a random 24-bit Initializing Vector(IV) and it is not encrypted. It means that you are able to capture a data packets then you will be able to read the IV.


There are two types of authentication that are used in WEP encryption 
1. Open System Authentication:- It this authentication the WLAN client need not to provide its credentials to the access point for the authentication.
2. Shared Key Authentication:- It takes place by following ways.
The client sends the authentication request to the AP.
The AP reply with a clear text challenge.
After these two steps the client encrypt the clear text challenge using the configured or entered WEP key and sends its back to the AP.
Now AP decrypts the response if this matches the challenge text then you will be authenticated otherwise a negative reply will be received.


So  the Weakness here is  IV  was generated by 24-bit Initializing vector.
So in a busy network the possibility of randomness will not work because there will be too much packets which are received or sent and the IV are always generated by 24 bit random IV.

So we can collect more than two packets which have the same Initializing vector. and After that we can use aircrack-ng to determine the key stream and the WEP key.

If you captured lot of packets then the chances of determining key will increase.

We will be  doing the demonstration of Cracking WEP in next post.
Stay tuned 

Jitendra(Team Computer Korner)

Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!