How is wep insecure
If reports and studies are accurate, a significant percentage of wireless LANs especially those used in homes are still using outdated and insecure WEP for their encryption.
WPA has been a mainstream technology for years now, but WEP remains a standard feature on virtually every wireless router on store shelves today. This problem used to be something you could mitigate by periodically changing the WEP key which is why routers generally allow you to store up to four keys. But few bother to do this because changing WEP keys is inconvenient and time-consuming — it has to be done not just on the router, but on every device that connects to it.
As a result, most people just set up a single key and then continue using it ad infinitum. In fact, researchers in the computer science department of a German university recently demonstrated the capability to compromise a WEP-protected network very quickly. If these packets aren't encrypted, hackers can peek at them and see the data within.
This tactic is known as a Man-in-the-Middle MitM attack. If the packets are encrypted, then anyone performing a MitM attack on the network will see what you're sending. That's what WEP solved; it encrypted your data so people couldn't peer into the packets. To understand WEP's major flaw, let's imagine a company that produces puzzle books.
These books are renowned for being filled with incredibly tricky puzzles which require a lot of computational power to solve. Due to the extreme difficulty of the book, people like to collaborate to solve the puzzles. The writers of the book want to fill it with enough content so that they can publish another one before the readers complete the current edition.
If the general public solves the book before the book publishers release a new one, they have to get a new book out ASAP. From these three properties, you can make a rough estimate of how long it will take to solve a whole book. For example, if it takes a month for one person to solve one puzzle, and the book contains a thousand puzzles, it'll take a dedicated team of one hundred people to solve the book within 10 months.
As such, the next book should be ready to go before 10 months has passed. This does mean that the older the puzzle book, the higher the chance that it's solved already. This is especially true for the first few editions of books, which contains easier and fewer puzzles than later versions. In the same vein, WEP's age makes it an insecure choice for encryption. It was the first protocol created for Wi-Fi, it has been out since , and millions of people have used it since then.
From the puzzle book example, WEP would be the very first puzzle book to be released and fully solved. People on the internet can easily find tools that can break open WEP security, much like how people could search all the answers for the first puzzle book.
WEP encrypts all traffic using a 64 or bit key in hexadecimal. This is a static key, which means all traffic, no matter the device, is encrypted using the single key. This protocol stood up for a while until the computing power in everyday computers grew with the improvements in IPC and clock speeds of processors.
At this point, the standard was considered insecure and was deprecated. The WEP attack took maybe 5 minutes and was able to penetrate the network, all at the hands of a class of high schoolers. However, the WPA attacks required the use of a dictionary and never found the password to the network.
The key does not change with every packet that is transmitted, so a hacker can listen in and, with patience, gather enough packets to decipher the encryption key. This length of a key is not very secure with the amount of computing power that people have in their pockets.
WEP is not a good encryption standard; however, it is better than no security.
0コメント