A series of compromises was made in order to "fix" WEP through
software-based firmware upgrades. The majority of existing WEP devices had extremely
minimal CPU resources, often sub-40 MHz chips based on older hardware such
as the 80486. As these devices are typically incapable of encryption work, the
implementation of RC4 for WEP was often offloaded onto secondary chips. This is a
primary consideration: the replacement for WEP must still use RC4 and RC4 primitives
for any and all encryption. The main problems with WEP are:
• WEP does not prevent forgery of packets.
• WEP does not prevent replay attacks. An attacker can simply record and replay
packets as desired and they will be accepted as legitimate.
• WEP uses RC4 improperly. The keys used are very weak, and can be brute-forced on
standard computers in hours to minutes, using freely available software.
• WEP reuses initialization vectors. A variety of available cryptanalytic methods can
decrypt data without knowing the encryption key.
• WEP allows an attacker to undetectably modify a message without knowing the
encryption key.
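The last point follows from WEP's integrity check value being an unkeyed CRC-32 encrypted with the RC4 keystream: both operations are linear under XOR, so the check still passes after a change made without the key. The Python sketch below is an added example, not code from the book; the key, IV, payload and the helper names (`wep_seal`, `wep_open`, `keyless_patch`) are constructed for illustration.

```python
import struct
import zlib

# Constructed sample values (assumptions, not from the text).
KEY = bytes.fromhex("0102030405")  # 40-bit WEP key
IV = bytes.fromhex("a1b2c3")       # 24-bit IV, sent in the clear


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR of data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def icv(data: bytes) -> bytes:
    """WEP integrity check value: unkeyed CRC-32, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def wep_seal(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """Encrypt plaintext || ICV under the per-packet RC4 key IV || key."""
    return rc4(iv + key, plaintext + icv(plaintext))


def wep_open(iv: bytes, key: bytes, body: bytes):
    """Decrypt a frame body and return (plaintext, icv_ok)."""
    clear = rc4(iv + key, body)
    plaintext, received = clear[:-4], clear[-4:]
    return plaintext, icv(plaintext) == received


def keyless_patch(body: bytes, delta: bytes) -> bytes:
    """XOR delta into the payload and adjust the ICV; no key is used.
    Relies on crc(p ^ d) == crc(p) ^ crc(d) ^ crc(zeros of equal length)."""
    fix = zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))
    mask = delta + struct.pack("<I", fix & 0xFFFFFFFF)
    return bytes(b ^ m for b, m in zip(body, mask))
```

The receiver's `wep_open` reports a valid ICV for the patched frame, which is why an integrity check has to be keyed and non-linear to detect modification.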
Understanding and Achieving Next-Generation Wireless Security 133