Summary
WEP has a number of well-documented vulnerabilities that significantly limit its ability to safeguard data. In this chapter, we reviewed how WEP and XORing work to help you understand the problems and go beyond the “WEP is Bad” headlines. The underlying encryption engine used by WEP is RC4, which is widely used in various Internet protocols including secure Web pages (HTTPS). When it comes to WEP flaws, the problem isn't RC4. The problem is the way that RC4 is implemented. In particular, the implementation of IVs is flawed because it allows IVs to be repeated and hence, violate the No. 1 rule of RC4: Never, ever reuse a key.
Newsham exposed another vulnerability of WEP by demonstrating that the key generator used by many vendors is flawed ...
Get How Secure Is Your Wireless Network? Safeguarding Your Wi-Fi LAN now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
