Networking / Beginners

Cipher Implementations

So far we've reviewed algorithms, cipher-text, plain-text, and ciphers, and you might be wondering of what practical use any of these things are to a wireless network administrator.

In the following sections, we will look at the practical implementations of some of the cryptographic concepts discussed thus far-as they pertain to wireless network administration.

Wired Equivalent Privacy Protocol

When the IEEE 802.11 standard was being developed, it was a necessity that some method be required for securing the communications that use radio frequency (RF) as a medium. The proposed and implemented solution was the Wired Equivalent Privacy (WEP) protocol. The phrase "wired equivalent" refers to the intention and goal for WEP, which was to secure communications in a wireless network in ways that are equivalent to those achieved in wired networks.

Under the hood of WEP is the RC4 cipher. WEP is a living and practical example of a textbook cipher (RC4).

The following steps show a simplified version of how WEP works:

  1. The entities (nodes) that want to communicate securely in a wireless distribution systems agree to use WEP to secure their communications.
  2. Since WEP is based on RC4, which uses symmetric keys, a key (common secret) is therefore needed. The nodes choose and agree on a common secret key to be used.
  3. The plain-text message to be sent over the wireless medium is created by the node.
  4. The plain-text data is passed through a hashing algorithm to obtain a checksum.
  5. The checksum is appended to the plain-text data.
  6. A 24-bits-long initialization vector (IV) is generated and appended to the secret key. This results in a stream of data that is generated and run through the RC4 pseudo-random number generator to form a keystream that is equal in length to the original plain-text/checksum from step 5.
  7. An XOR operation is performed on the resulting keystream and the plain-text/ checksum combination obtained from step 5.
  8. The result of the XOR operation is the cipher-text or encrypted message.
  9. The cipher-text is transmitted over the wireless medium to the receiving node, which then proceeds to decrypt the data.

WEP is considered a deprecated method for securing wireless networks. WEP is easily broken and should not be relied on as a method for securing wireless communications. WEP is also vulnerable to brute-force attacks, dictionary attacks, reinjection attacks, and attacks that take advantage of its use of IV.

[Previous] [Contents] [Next]

In this tutorial:

  1. Securing Wireless Networks
  2. Security Background
  3. Security Services
  4. Cryptographic Concepts and Terms
  5. Encryption and Decryption
  6. Keyspace
  7. Exclusive OR (XOR)
  8. Algorithm
  9. Asymmetric Encryption Algorithms
  10. Public-Private Key Cryptography
  11. Cipher
  12. Concealment Ciphers vs. Running Key Ciphers
  13. Stream Ciphers vs. Block Ciphers
  14. Cipher Examples
  15. Cipher Implementations
  16. Wi-Fi Protected Access
  17. TKIP/WPA
  18. Wi-Fi Protected Access 2 (WPA2)
  19. CCMP/AES
  20. Hash Functions
  21. EAP
  22. EAP Entities
  23. EAP Grammar
  24. EAP Types
  25. EAP-TTLS
  26. EAP-PSK
  27. EAP-SIM
  28. EAP-AKA
  29. IEEE 802.11i
  30. Four-Way Handshake
  31. IEEE 802.11i Considerations