HOW TO Archives

Wireless Access using WEP Key

There are many methods about how to securing wireless area network, however in this time I just want to talk about WEP (Wired Equivalent Privacy) methods. The WEP method uses Shared Key Authentication to initializing any client to have access on wireless network. The client should have to enter the encryption key at the first time they are connecting to wireless network or hotspot, if the WEP security key match with the Administrator key then they will have an access to connect to the wireless area network. The WEP has standard type for wireless connection type, it’s usually using 802.11b wireless connection type.
The following step will explain about Shared Key Authentication Process.

1. Client will request connection to Access Point, this step is the same as Open System Authentication.
2. Access Point will send a text challenge to Client
3. Client will reponse to that text challenge by encrypting the text challenge using WEP key and sending back to the Access Point.
4. Access Point will receive the encrypted WEP key and translate it by decrypting first, then will check if the key has macth with the Access Point key. If the key matchs with the AP System then the Access Point will authenticate the current Client and open the connection.

The communication data via IEEE 802.11 Shared Key Authentication seems more secure rather than Open System Authentication, however in facts it’s not true. The Shared Key will be more vulnerable for hacker and cracker. It is important to understand, they are two ways used by WEP. WEP can be used to verify the identity of the client during the process of shared key authentication, but can also be used to decrypt data sent by the client via the access point.
The WEP methods has many vulnerabilty as the following details :

1. The weakness of key, the RC4 algorithm easy to be cracked
2. WEP uses the static key
3. Problem on the Initialization vector (IV) WEP
4. Problem on message integrity Cyclic Redudancy Check (CRC-32)

WEP consists of two level, the 64 bit and the 128 bit. Actually, the secret key on a 64 bit WEP key is only 40 bits, while 24bit is an Initialization Vector (IV). Similarly, the 128 bit WEP key, secret key consists of 104bit.
The following explanation below are the methods that often used to crack the WEP key :

1. Attacking of the initialization vector (IV), often called the FMS attack. FMS stands for the name of the three inventors of the IV weakness Fluhrer, Mantin, and Shamir. This attack was done by collecting a weak IV as much as possible. The more weak IV is obtained, the sooner discovered the key that is used.
2. Getting a unique IV data obtained through the packet to be processed for WEP key cracking process more quickly. This method is called chopping attack, first discovered by h1kari. This technique only requires a unique IV thus reducing the need for IV are weak in WEP cracking.
3. Both of the above attacks require considerable time and packet, to shorten the time, the hackers usually do traffic injection. Traffic Injection is often done by collecting the ARP packet and then sends back to the access point. This resulted in the collection of initial vectors is easier and faster. Unlike the first and second, to attack traffic injection, required specification of tools and applications that start rarely found in stores, ranging from chipsets, firmware version, and versions of drivers, and not infrequently have to do patching of drivers and applications.

Well, that’s it all about Wireless Security using WEP security key method, I hope you can more creative to prevent any vulnerable attack on your Wireless Network and Access Point.

Related Posts

• Wireless Security on Windows or Macs Sat 02 Oct 2010
• Apple Patent Outlines a System To Track Users Tue 24 Aug 2010
• Go further and faster with the latest dual-band 802.11n routers Sat 13 Jun 2009
• How to hack WPA/WPA2 Thu 21 May 2009