Mumbai University > Information Technology > Sem 7 > Wireless Technology

Marks: 10M

Year: May 2016

WEP (wired equivalent privacy)

1. It is based on symmetric secret key
2. Keystream is created using secret key and initialization vector (IV)

With WEP enabled, all the data is encrypted using the Ron Rivest Code 4 (RC4) in the purpose to provide secure communication. In addition, WEP protects the wireless traffic with a randomly generated 24-bit Initialization Vector (IV), which is combined with the 40-bit or 104-bit shared secret key (so-called 128 bit in most product implementation). The WEP encryption operation is described below:

1. The 40-bit shared secret key is concatenated with the 24-bit randomly generated Initialization Vector (IV). The IV is used to increased security by introducing cryptographic variance to the Initial Shared Secret Key.
2. The new 64-bit key is fed into the RC4 algorithm to create the Encryption key or key stream
3. Before encrypting the data, an integrity check is performed with the Cyclic Redundancy Check-32 (CRC-32) algorithm. This step intends to protect against data modification. The CRC operation generates a 4 bytes CRC which is concatenated to the initial data to obtain the plaintext that will be used as input in step 4. The shared secret key is not used in this process.
4. The plaintext (data and its concatenated CRC) is encrypted with the encryption key (or key stream) generated in step 2, using the mathematical XOR function to obtain the ciphertext.
5. The encrypted output can now be send to transmission with the Initialization Vector appended to the ciphertext.
6. The client will use the reverse steps to decrypt the ciphertext and recover the original data.

Frame body and ICV are encrypted.

Receiver checks ICV value that it has computes against what has actually arrived.

If same genuine data else discarded.