1 of 16

Slide Notes

DownloadGo Live

WEP Vulnerabilities

Published on Dec 01, 2015

No Description

View Outline

MORE DECKS TO EXPLORE

PRESENTATION OUTLINE

1.

WEP Vulnerabilities

Elias and Shane Paper Joint
Photo by MattysFlicks
2.

Wired Equivalent Privacy

  • WEP has been around for a long time
  • Provides wireless security similar to a wired connection
  • It can still be used today but its not recommended
3.

64 Bit WEP Encryption

  • WEP uses two steps of encryption
  • A stream cipher called RC4 for confidentiality and CRC32 checksum for integrity
  • A 64 bit WEP encryption is standard
4.

Encryption explained more

  • 10(Hex characters and numbers) X 4(bits) = 40 bits of encryption + 24 (Initialization vector) = 64 bit WEP Encryption method
Photo by elsamuko
5.

Example of 64 WEP encryption

  • F91EDA21B5
  • Encrypted message could mean Hello
6.

Public keys and private keys

  • public keys encrypts data to a non readable form,
  • private key decrypts an encryption so it can be converted back to clear text
Photo by RobotSkirts
7.

WEP Authentication

  • Two types:
  • Open Systems
  • Shared key authentication
8.

Open Systems

  • Means anyone don't have to provide authentication to the access point during authentication
9.

Shared Key Authentication

  • **(There will be a diagram here)**
10.

Initialization Vector

  • RC4 is a stream cipher the same traffic key must never be used twice
  • The IV's purpose is to prevent any repetition of the same traffic key being utilized in packets
  • Because so little IV packets are being used statistically speaking
  • there is a 50 percent chance that the same packet will be used after 5000 packets
11.

Performs

  • This attack can be used by personal cpu's off the shelf hardware, and freely available software such as aircrack-ng to crack any WEP keys in minutes
12.

Aircrack-ng

  • Packet sniffer for 802.11
  • cracks WEP and WPA keys using dictionary attacks
  • compatible with wireless network interface cntroller that supports raw maonitoring mode
  • runs under linux and windows
13.

RC4

  • Rivest Cipher- Ron's Code
  • RC4 is a stream cipher
  • used in popular internet protocols
  • vulnerable when key stream is not discarded
  • mozzilla and Microsoft recommends disabling RC4 when possible
14.

Remedy

  • THere has been different alternatives when it comes to wireless security
  • Recommendations include WPA2 or WPA
Photo by Topeka & Shawnee County Public Library
15.

GREAT SCOTT!

  • Any Questions?
Photo by lirontocker
16.

Satisfied?

Photo by torbakhopper

Friend of Haiku Deck