Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP) is a security standard for wireless networks or WiFi. It was a part of the original IEEE 802.11 protocol. As wireless networks transmit data over radio waves, eavesdropping on wireless data transmissions is relatively easier than in wired networks connected by cables. WEP aims to provide the same level of security and confidentiality in wireless networks as in wired counterparts.
Features of WEP
- WEP was introduced as a part of IEEE 802.11 standard in 1997.
- It was available for 802.11a and 802.11b devices.
- WEP uses encryption of data to make it unrecognizable to eavesdroppers.
- It uses RC4, a stream cipher, for encryption and CRC-32 checksum for confidentiality and integrity
- The two widely used standards were WEP-40 and WEP-104.
- In WEP-40, a 40 bit WEP key is concatenated with a 24 bit initialization vector, to generate a 64 bit RC4 key.
- In WEP-104, a 104 bit WEP key is concatenated with the 24 bit initialization vector, to generate a 128 bit RC4 key.
- WEP operates at the data link and physical layer.
- It incorporates two authentication methods:
- Open System authentication
- Shared Key authentication
- In 2001 – 2003, major security flaws were identified with WEP that proved that the data transmitted was susceptible to malicious changes of the wireless network.
- In 2004, with the approval of Wireless Protocol Access 2 (WPA2), IEEE scraped down both WEP-40 and WEP-104 standards.
Published on 09-Jan-2020 12:19:15