
Wired Equivalent Privacy (WEP)

7 Apr

WEP (Wired Equivalent Privacy) was the default encryption protocol introduced in the first IEEE 802.11 standard back in 1999. It is based on the RC4 encryption
algorithm, with a secret key of 40 bits or 104 bits.

WEP Security involves two parts:
1. Authentication
2. Encryption

Authentication:
---------------
-> Authenticates a station when it first joins the LAN.
-> Its purpose is to prevent a station from joining the wireless network unless it knows the WEP key.

Shared Key Authentication:
--------------------------
-> It involves a challenge-response handshake: the access point sends a challenge, the station encrypts it with its WEP key and returns it to the access point for verification.
-> If the encrypted challenge does not match what the access point expects, the station is prevented from forming an association.
The WEP key must be either 40 bits or 104 bits long. This means you have to give either 5 or 13 ASCII characters for the WEP key, or a 10- or 26-digit hexadecimal value.

Negotiation (shared key authentication):

Wireless Device                      AP
Probe Request:                       ---->
The station broadcasts a probe request frame on every channel.

Probe Response:                      <----
All access points within range respond with a probe response frame.

Auth Request                         ---->
The client decides which access point (AP) is best for access and sends an authentication request to that access point.

Auth Challenge                       <----
The access point sends a 128-bit random challenge in clear text to the requesting client.

Auth Response (C,K)                  ---->
The wireless device encrypts the challenge C under the shared secret key K and sends the result to the access point.

Auth Success                         <----
The access point decrypts the response with the shared secret key and compares it with the challenge it sent earlier. If the challenge matches,
authentication succeeds; otherwise it fails.

Association Request:                 ---->
Upon successful authentication, the client sends an association request frame to the access point.

Association Response:                <----
The access point replies with an association response.

-> Because both the clear-text challenge and its encrypted response are sent over the air, the RC4 keystream for that IV can be recovered by comparing the two (see WEP Vulnerability below). So shared key authentication can be less secure than open authentication.
-> No new secret key is exchanged after authentication. The same shared key is used for both authentication and encryption.

Open Authentication:
——————–
-> It allows any device to authenticate with the access point.
-> Keys that are passed into the client aren’t checked to see if they’re valid.
-> But the device can communicate only if its WEP keys match the access point’s.

Negotiation (open authentication):

Wireless Device                      AP
Probe Request:                       ---->
The station broadcasts a probe request frame on every channel.

Probe Response:                      <----
All access points within range respond with a probe response frame.

Auth Request                         ---->
The client decides which access point (AP) is best for access and sends an authentication request to that access point.

Auth Response                        <----
The access point replies with an authentication response. In open authentication no challenge is sent and no key is checked at this stage (see above).

Association Request:                 ---->
Upon successful authentication, the client sends an association request frame to the access point.

Association Response:                <----
The access point replies with an association response.

WEP Encryption:
---------------

-> WEP uses the RC4 stream cipher to encrypt data between the access point and the wireless device. RC4 generates a pseudo-random sequence of bytes, known as the
keystream, and each byte of data is combined with one byte of keystream.
-> WEP uses 8-bit RC4: the cipher operates on 8-bit values using a lookup table (state array) of 256 8-bit values.
-> WEP uses a CRC for data integrity, i.e. WEP computes a CRC (Cyclic Redundancy Check) checksum over the plaintext to produce the integrity check value (ICV). This
CRC value is concatenated to the plaintext.
-> It is essential that the same key is never used twice with the RC4 stream cipher. To prevent this from happening, WEP includes a 24-bit initialization vector (IV).
-> The secret key (40 or 104 bits) is concatenated to the initialization vector (IV) and the result is fed into RC4 as its key.
The key is 40 or 104 bits long:
if the key is given in ASCII, you give 5 or 13 characters (each character represents 8 bits);
if the key is given in hexadecimal, you give 10 or 26 digits (each digit represents 4 bits).
-> From the IV and the secret key, RC4 generates the keystream.
-> The keystream and the plaintext+CRC message are XOR'ed together. The result is the ciphertext. Formula: C = [M || ICV(M)] XOR RC4(IV || K)
-> The same initialization vector that was used for encryption is prepended in clear text to the resulting ciphertext.
The IV + ciphertext, along with the frame headers, are then transmitted over the air.

WEP Vulnerability:
------------------
The way WEP handles IVs has made the protocol vulnerable, because:
-> IVs are too short (24 bits: 2^24 = 16,777,216, i.e. a little under 17 million possible values).
-> IV reuse is allowed (fewer than 5000 packets are needed for a 50% chance of an IV collision).
-> There is no built-in method of updating keys, i.e. no key management.
Other disadvantages:
-> WEP uses small key sizes: the key size for WEP encryption is only 40 bits, which is not long enough to resist brute-force attacks.
-> It is easy to forge WEP authentication messages: WEP uses the shared key to encrypt a challenge, so an attacker who can observe the challenge and the encrypted
response can determine the RC4 keystream used for that IV, and with it encrypt any challenge received in the future.
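
The following is an added worked example, not code from the original post: a small pure-Python model of WEP as described in the Shared Key Authentication, WEP Encryption and WEP Vulnerability sections. It implements the frame format C = [M || ICV(M)] XOR RC4(IV || K), the challenge/response handshake from both the station's and the access point's side, and then shows the two properties the post warns about: a repeated IV makes the keystream cancel out between two frames, and one observed challenge/response pair hands over the keystream for that IV. The function names (wep_encrypt, ap_verify, frames_until_iv_collision, and so on), the key, IV and messages are all constructed for this example; nothing here talks to a network.

```python
# Added example (not from the original post): a pure-Python model of WEP
# framing, shared-key authentication, and the IV / keystream weaknesses.
# All keys, IVs and messages below are constructed sample values.
import math
import os
import zlib
from typing import Optional


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """RC4: key schedule over a 256-entry 8-bit state, then PRGA output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(msg: bytes) -> bytes:
    """Integrity check value: CRC-32 of the plaintext, little-endian as on the wire."""
    return zlib.crc32(msg).to_bytes(4, "little")


def wep_encrypt(key: bytes, iv: bytes, msg: bytes) -> bytes:
    """Return IV || (msg || ICV(msg)) XOR RC4(IV || key). Key is 5 or 13 bytes (40/104 bits)."""
    if len(key) not in (5, 13) or len(iv) != 3:
        raise ValueError("WEP key must be 5 or 13 bytes and the IV 3 bytes")
    body = msg + icv(msg)
    return iv + xor(body, rc4_keystream(iv + key, len(body)))


def wep_decrypt(key: bytes, frame: bytes) -> Optional[bytes]:
    """Read the clear-text IV, regenerate the keystream, strip and check the ICV."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4_keystream(iv + key, len(ct)))
    msg, tag = body[:-4], body[-4:]
    return msg if icv(msg) == tag else None


# --- shared-key handshake: Auth Challenge -> Auth Response -> Auth Success ---

def ap_challenge(nbytes: int = 16) -> bytes:
    """AP side: a random challenge sent in clear text (16 bytes = 128 bits)."""
    return os.urandom(nbytes)


def station_response(key: bytes, challenge: bytes) -> bytes:
    """Station side: WEP-encrypt the challenge under the shared key with a fresh IV."""
    return wep_encrypt(key, os.urandom(3), challenge)


def ap_verify(key: bytes, challenge: bytes, response: bytes) -> bool:
    """AP side: decrypt the response and compare it with the challenge it sent."""
    return wep_decrypt(key, response) == challenge


# --- the weaknesses described in the WEP Vulnerability section ---

def keystream_from_known_plaintext(known: bytes, frame: bytes) -> bytes:
    """Anyone who sees plaintext and ciphertext for one IV learns that IV's keystream;
    the clear-text challenge and the encrypted response are exactly such a pair."""
    return xor(frame[3:], known + icv(known))


def iv_reuse_cancels_keystream(key: bytes, iv: bytes, m1: bytes, m2: bytes) -> bool:
    """Two frames under the same key and IV: C1 XOR C2 == (M1||ICV) XOR (M2||ICV),
    so the keystream drops out and only the plaintexts' XOR is left."""
    c1, c2 = wep_encrypt(key, iv, m1)[3:], wep_encrypt(key, iv, m2)[3:]
    return xor(c1, c2) == xor(m1 + icv(m1), m2 + icv(m2))


def frames_until_iv_collision(p: float = 0.5, iv_bits: int = 24) -> int:
    """Birthday bound: frames needed before a random IV repeats with probability p."""
    return math.ceil(math.sqrt(-2 * (2 ** iv_bits) * math.log(1 - p)))


if __name__ == "__main__":
    key, iv = b"\x01\x02\x03\x04\x05", b"\x0a\x0b\x0c"      # constructed sample values
    frame = wep_encrypt(key, iv, b"hello world")
    assert wep_decrypt(key, frame) == b"hello world"
    ch = ap_challenge()
    print("handshake ok:", ap_verify(key, ch, station_response(key, ch)))
    print("IV reuse leaks plaintext XOR:", iv_reuse_cancels_keystream(key, iv, b"one", b"two"))
    print("frames for 50% IV collision:", frames_until_iv_collision())
```

The last function confirms the post's figure: with random 24-bit IVs, 4823 frames give a 50% chance of a repeat, well under the 5000 quoted above. The frame-level functions are what a protocol analyser or IDS would use to recognise WEP traffic structure; the ICV check in wep_decrypt shows why CRC-32 is only an error-detection code, not an authenticator.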

WEP Crack using Aircrack:
-------------------------
It contains three main utilities:
1. airodump: a wireless sniffing tool used to discover WEP-enabled networks;
2. aireplay: a packet injection tool used to increase traffic;
3. aircrack: a WEP key cracker that makes use of the collected unique IVs.

The main goal of the attack is to generate traffic in order to capture unique IVs used between a legitimate client and an access point.
Some encrypted data is easily recognizable because it has a fixed length, fixed destination address etc. This is the case with ARP request packets, which are
sent to the broadcast address (FF:FF:FF:FF:FF:FF) and have a fixed length of 68 octets. ARP requests can be replayed to generate new ARP responses from a legitimate
host, resulting in the same wireless messages being encrypted with new IVs.

-> Setting up in monitor mode
airmon.sh start ath0

-> Discovering nearby networks and their clients
airodump ath0 wep-crk 0

BSSID              STATION            PWR  Packets  ESSID
00:13:10:1F:9A:72  00:0C:F1:19:77:5C  56   1        hakin9demo

-> Decrypting WEP packets without knowing the key
aireplay -4 -h 00:0C:F1:19:77:5C ath0