Important features of WEP

IEEE 802.11 standard defines WEP. It was designed to protect wireless network traffic from any type of sniffing and eavesdropping.

Now, first, we understand what is packet sniffing. Hackers generally intercept wired or wireless network traffic to steal sensitive data such as passwords, credit card details, social security numbers,s, etc. This technique is called packet sniffing. And Eavesdropping is the real-time capturing of network traffic to steal sensitive information. Apart from securing the integrity of data, it helps in the authentication of the user and prevents unauthorized access to the wireless network. How does the WEP protocol secure traffic? It uses a shared key to encrypt and decrypt data before sending and after receiving. It also uses hash value to verify the network packets and ensures integrity.

WEP uses the Rivest Cipher 4 (RC4) algorithm to provide encryption and decryption mechanism. RC4 is a symmetric stream cipher that uses the same static key (also called WEP key) for all types of encryption. RC4 is considered a weak algorithm by researchers.

Why is WEP discarded?

WEP was cracked by a group of researchers as soon as it was released. As this protocol uses the same shared key for encryption and decryption of data, if the attacker found WEP keys, he or she can join the network and decrypt all traffic. It just gives a false sense of security to the user. Currently, these algorithms can be cracked in less than 60 seconds.

WPA and WPA2 are the alternate protocols to secure wireless network traffic from any sniffing attack. It is much more secure than WEP. WPA was a temporary fix for the WEP algorithm based on LEAP and TKIP cryptosystem. Currently, WPA cracks are also available. WPA2 was released to mitigate all shortcomings of WEP and WPA2. This algorithm is still considered secure.

The post What is Wired Equivalent Privacy (WEP)? first appeared on All About Testing.