WEP Weaknesses
WEP is vulnerable to attack for several reasons:
• Distributing WEP keys manually is a time-intensive, laborious task. Because it is
tedious to manually rekey the WEP code, the keys are not likely to change
frequently. Therefore, an attacker probably has enough time to decipher the key.
• When keys are not changed often, attackers can compile so-called decryption
dictionaries. These are huge collections of frames, encrypted with the same key.
These frames can then be analyzed and used for attack.
• Standardized WEP implementations use 64- or 128-bit shared keys. Although the
128-bit key sounds excessively durable, it is still possible to crack a key this size
within a short interval with sustained traffic.
• WEP uses RC4 for encryption. Of all the possible RC4 keys, the statistics for the
first few bytes of output are nonrandom, which can provide information about the
key.
NOTE: RC4 is the most widely used software stream cipher. In addition to WEP, it is also
used in secure sockets layer (SSL), the encryption medium used for web pages. Although
widely deployed and adequate for web use, it is generally not considered a good means of
encryption for WLANs.