Here you can learn about specific topics in wireless security and new developments in the field of wireless LANs

Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP) is the encryption algorithm originally specified to protect 802.11 networks. At its core, WEP uses the RC4 stream cipher and has provisions for a 40-bit and a 104-bit key. RC4 is a two-step process consisting of the Key Scheduling Algorithm (KSA) and the Pseudo-Random Generation Algorithm (PRGA). More about RC4 can be found here. A sample encryption/decryption exchange between a wireless station and an access point is depicted below.

Figure 1: Encryption/Decryption using WEP
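The exchange in Figure 1, written out as an added example (not code from the original page): RC4 is seeded with the 24-bit IV prepended to the WEP key, the station appends a CRC-32 integrity check value (ICV) to the payload and XORs both with the keystream, and the access point repeats the keystream from the clear IV and verifies the ICV. The key and IV values are constructed for illustration, and the Key ID byte that follows the IV on the air is omitted.

```python
import struct
import zlib

IV_LEN = 3  # the WEP IV is only 24 bits and travels in clear in every frame


def rc4_ksa(key: bytes) -> list:
    """Key Scheduling Algorithm: build the S permutation from IV || WEP key."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_prga(S: list, n: int) -> bytes:
    """Pseudo-Random Generation Algorithm: emit n keystream bytes from S."""
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(wep_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Station side: frame body = IV || RC4(IV||key) XOR (plaintext || CRC-32 ICV)."""
    assert len(iv) == IV_LEN and len(wep_key) in (5, 13)  # 40-bit or 104-bit key
    icv = struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)  # ICV is little-endian
    data = plaintext + icv
    keystream = rc4_prga(rc4_ksa(iv + wep_key), len(data))
    return iv + bytes(a ^ b for a, b in zip(data, keystream))


def wep_decrypt(wep_key: bytes, frame: bytes):
    """AP side: regenerate the keystream from the clear IV, strip and check the ICV.
    Returns the plaintext, or None when the ICV does not match (corruption or wrong key)."""
    iv, body = frame[:IV_LEN], frame[IV_LEN:]
    keystream = rc4_prga(rc4_ksa(iv + wep_key), len(body))
    data = bytes(a ^ b for a, b in zip(body, keystream))
    plaintext, icv = data[:-4], data[-4:]
    if struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF) != icv:
        return None
    return plaintext


if __name__ == "__main__":
    key, iv = b"\x01\x23\x45\x67\x89", b"\x00\x00\x01"  # constructed 40-bit key and IV
    frame = wep_encrypt(key, iv, b"hello world")
    print(frame.hex(), wep_decrypt(key, frame))
```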

Unfortunately, since its proposal, various cryptographic problems have been unearthed in WEP that have rendered it useless. The most notable of these flaws are the FMS, KoreK and PTW attacks. The central idea behind WEP cracking is to use a special class of encrypted packets, called “Weak IV” packets, to recover the key.

Figure 2: Aircrack-ng screenshot

Very soon, programmers and hackers put together proof-of-concept tools such as Aircrack-ng to break the WEP key using network traces. A screenshot of Aircrack-ng is shown in Figure 2.

Today, breaking WEP has become child’s play, and even a 104-bit key can be broken in less than 5 minutes flat. Because of these problems, the IEEE has recommended that both manufacturers and users move away from WEP and adopt WPA/WPA2, which provide stronger and currently unbreakable encryption.

Alarmingly, even though these recommendations have been in place for quite some time, a majority of organizations and users still continue to use WEP and are living under a false sense of security.