WEP (Wired Equivalent Privacy) was the first security algorithm introduced for Wi-Fi networks, as part of the original IEEE 802.11 standard ratified in 1997 (though often cited as 1999). Its primary goal was to provide wireless networks with a level of security and privacy equivalent to what was expected from a traditional wired Ethernet network.

At the time of its introduction, the idea was that by encrypting wireless transmissions, even if data was intercepted (which is easy over radio waves), it would be unreadable to unauthorized parties.

How WEP Was Designed to Work:

WEP relies on a shared secret key and the RC4 stream cipher for confidentiality. It also uses a CRC-32 checksum for data integrity.

1. Shared Secret Key:

   • Both the wireless client (e.g., your laptop) and the Access Point (AP) must be configured with the exact same secret key. This key is static and does not change unless manually updated.

   • WEP typically used key sizes of 64-bit (often referred to as 40-bit, as 24 bits were an Initialization Vector) or 128-bit (often referred to as 104-bit, plus the 24-bit IV). These keys were usually entered as a string of hexadecimal digits (e.g., 10 hex digits for 64-bit, 26 hex digits for 128-bit).

2. Initialization Vector (IV):

   • To prevent identical plaintext blocks from encrypting to identical ciphertext blocks (which would reveal patterns), WEP uses a 24-bit Initialization Vector (IV).

   • This IV is combined with the shared secret key to form the per-packet RC4 key.

   • The IV is sent in plain text alongside the encrypted data packet.

3. RC4 Encryption:

   • The RC4 stream cipher generates a pseudo-random keystream.

   • This keystream is then XORed (eXclusive OR) with the plaintext data to produce the ciphertext (encrypted data).

4. CRC-32 for Integrity:

   • Before encryption, a 32-bit Cyclic Redundancy Check (CRC-32) checksum is calculated for the plaintext data.

   • This checksum is appended to the plaintext, and then the whole thing (plaintext + checksum) is encrypted.

   • The receiver decrypts the data, calculates its own CRC-32, and compares it to the received checksum to check for errors or tampering.

5. Authentication:

   • WEP supports two authentication methods:

     • Open System Authentication: No real authentication occurs. Any client can associate with the AP and then attempt to use the WEP key for data encryption. This is essentially no authentication.

     • Shared Key Authentication: The client sends an authentication request. The AP replies with a clear-text “challenge” (a random string). The client encrypts this challenge using the WEP key and sends it back. The AP decrypts the response and, if it matches the original challenge, authenticates the client.

Why WEP is Obsolete and Insecure:

Despite its intentions, WEP suffered from severe design flaws that made it extremely vulnerable to attacks, leading to its deprecation in 2004. It is now considered completely insecure and should never be used for protecting Wi-Fi networks.

The key vulnerabilities include:

1. Weak Initialization Vector (IV):

   • Small IV Size (24-bit): A 24-bit IV is far too small. With common network traffic, an IV collision (the same IV being used twice with the same WEP key) will occur very quickly (after only a few thousand packets). When the same IV is reused, it reveals a cryptographic weakness that attackers can exploit.

   • Plaintext IV Transmission: The IV is sent unencrypted. Attackers can easily capture these IVs.

   • Predictable IV Generation: Many early WEP implementations generated IVs in a predictable sequence, further exacerbating the reuse problem.

2. Weak Key Management (Static Shared Key):

   • The same static WEP key is shared among all users on the network and is typically never changed. If one user’s key is compromised, the entire network is compromised.

   • There’s no mechanism for dynamic key changes, which is crucial for strong security.

3. Vulnerable RC4 Stream Cipher:

   • While RC4 itself isn’t inherently broken, its implementation in WEP has severe flaws due to the way the IV is used and the key is derived.

   • Related-Key Attacks: The weaknesses allow attackers to perform statistical analysis on captured packets (especially if IVs are reused) and deduce parts of the shared WEP key. Tools like Aircrack-ng can crack a WEP key in minutes (sometimes seconds) by passively collecting a relatively small number of packets.

4. Weak Data Integrity (CRC-32):

   • CRC-32 is a checksum designed for error detection, not cryptographic integrity. It’s linear and predictable.

   • Attackers can perform bit-flipping attacks: They can change bits in the encrypted data, recalculate the CRC-32 (even without knowing the key!), and then create a valid-looking but modified packet. The receiver will decrypt the modified data and its new, matching CRC-32, making the tampering undetectable to WEP.

5. Packet Injection and Replay Attacks:

   • Due to the lack of replay protection and the ability to manipulate packets, attackers can inject arbitrary packets into the network or replay previously captured packets. This can be used to generate more traffic (to speed up IV collection) or to inject malicious commands.