Networking / Beginners

Cipher Implementations

So far we've reviewed algorithms, cipher-text, plain-text, and ciphers, and you might be wondering of what practical use any of these things are to a wireless network administrator.

In the following sections, we will look at the practical implementations of some of the cryptographic concepts discussed thus far-as they pertain to wireless network administration.

Wired Equivalent Privacy Protocol

When the IEEE 802.11 standard was being developed, it was a necessity that some method be required for securing the communications that use radio frequency (RF) as a medium. The proposed and implemented solution was the Wired Equivalent Privacy (WEP) protocol. The phrase "wired equivalent" refers to the intention and goal for WEP, which was to secure communications in a wireless network in ways that are equivalent to those achieved in wired networks.

Under the hood of WEP is the RC4 cipher. WEP is a living and practical example of a textbook cipher (RC4).

The following steps show a simplified version of how WEP works:

  1. The entities (nodes) that want to communicate securely in a wireless distribution systems agree to use WEP to secure their communications.
  2. Since WEP is based on RC4, which uses symmetric keys, a key (common secret) is therefore needed. The nodes choose and agree on a common secret key to be used.
  3. The plain-text message to be sent over the wireless medium is created by the node.
  4. The plain-text data is passed through a hashing algorithm to obtain a checksum.
  5. The checksum is appended to the plain-text data.
  6. A 24-bits-long initialization vector (IV) is generated and appended to the secret key. This results in a stream of data that is generated and run through the RC4 pseudo-random number generator to form a keystream that is equal in length to the original plain-text/checksum from step 5.
  7. An XOR operation is performed on the resulting keystream and the plain-text/ checksum combination obtained from step 5.
  8. The result of the XOR operation is the cipher-text or encrypted message.
  9. The cipher-text is transmitted over the wireless medium to the receiving node, which then proceeds to decrypt the data.

WEP is considered a deprecated method for securing wireless networks. WEP is easily broken and should not be relied on as a method for securing wireless communications. WEP is also vulnerable to brute-force attacks, dictionary attacks, reinjection attacks, and attacks that take advantage of its use of IV.

[Previous] [Contents] [Next]