Wired equivalent privacy (WEP) is a broken security algorithm for IEEE 802.11 wireless networks. WEP is widely used and is often the first security choice presented to users by router configuration tools. Wired Equivalent privacy uses the stream cipher RC4 algorithm for confidentiality and CRC-32 checksum for integrity. WEP has been widely criticized for a number of weaknesses. To overcome those flaws, alternative developed such as WiFi Protected Access (WPA), WEP2, WEPplus, Dynamic WEP, etc.

Authentication Methods in Wired Equivalent Privacy (WEP)

There are two methods of authentication used with Wired Equivalent Privacy. They are:

  • Open System Authentication – In this method, the WLAN client need not provide its credentials to Access point during authentication. Thus any client regardless of its WEP keys can authenticate itself with the access point and then attempt to associate.
  • Shared Key Authentication – Here WEP is used for authentication. A four way challenge response handshake is used as:
    • The client station sends an authentication request to the access point.
    • The access point sends back a clear-text challenge.
    • The client has to encrypt the challenge text using the configured WEP key.
    • The access point decrypts the material and compares it with the clear text it had sent.

Advantages of WEP Wireless Network Security Algorithm

  • WEP is a protocol that adds security to wireless local area networks.
  • WEP gives wireless networks the equivalent level of privacy protection as a comparable wired network.
  • WEP offers interoperability, since all wireless devices support basic WEP encryption.
  • Another advantage of WEP is that when uses happen to see your network during wireless detection, they will mostly likely be discouraged since it will require a key. This makes users that they are not welcome. Hence network is secure.

Drawbacks of WEP Wireless Network Security Algorithm

  • Key size is one of the security limitations in Wired Equivalent Privacy.
  • Cracking a longer key requires interception of more packets, but there are active attacks that simulate the necessary traffic.
  • The other weaknesses in Wired Equivalent Privacy include the possibility of IV collisions and altered packets that are not helped at all by a longer key.
  • Most users usually do not change their keys. This gives hackers more time to crack the encryption.
  • Master keys, instead of temporary keys, are directly used.

Alternatives to Wired Equivalent Privacy (WEP) Encryption

  • 802.11i (WPA and WPA2) Encryption – WiFi Protected Access (WPA) is an improvement on and is expected to replace the original Wi-Fi security standard, Wired Equivalent Privacy (WEP). WPA provides more sophisticated data encryption than WEP and also provides user authentication.
  • WEP2 Encryption – This stopgap enhancement to WEP was present in some of the early 802.11i drafts. It was implementable on some (not all) hardware not able to handle WPA or WPA2, and extended both the IV and the key values to 128 bits.
  • WEPplus Encryption – WEPplus, also known as WEP+, is a proprietary enhancement to WEP by Agere Systems that enhances WEP security by avoiding “weak IVs”. It is only completely effective when WEPplus is used at both ends of the wireless connection. As this cannot easily be enforced, it remains a serious limitation. It also does not necessarily prevent replay attacks.
  • Dynamic WEP Encryption – Dynamic WEP refers to the combination of 802.1x technology and the Extensible Authentication Protocol. Dynamic WEP changes WEP keys dynamically.