Learning Wireless Security WEP Methods.

WEP is a first standard security & encryption used on wireless, WEP (Wired Equivalent Privacy) is a method of securing a wireless network, also called Shared Key Authentication. Shared Key Authentication is the authentication method that requires the use of WEP. WEP encryption uses a key that is inserted (by the administrator) to a client or access point. This key must match from a given access point to the client, with the inserted client to authenticate to the access point.

Here is the process of Shared Key Authentication :

Client has asked the association to the access point, this step is the same as the Open System Authentication.
Access point sends challenge text to the client in a transparent manner.
Client will provide a response by encrypting the challenge text using the WEP key and sends back to the access point.
Responded to an access point client response, the access point will perform encryption decrypt the response from the client to verify that the challenge text is encrypted using the WEP key as appropriate. In this process, the access point will determine whether the client has given the corresponding WEP key. If the WEP key provided by the client are correct, then the access point will respond positively and immediately to client authentication. But if the client entered the WEP key is incorrect, then the access point will respond negatively and will not be given a client authentication. Thus, the client will not be authenticated and not associated.

Data communication via the IEEE 802.11, Shared Key Authentication is more secure than it seems from the Open System Authentication, but in reality are not. Shared Key instead opened the door for intruders or crackers. It is important to understand two streets used by WEP. WEP can be used to verify the identity of the client during the process of shared key authentication, but can also be used to decrypt data sent by the client via the access point.

WEP has many flaws, among others:

The problem of weak keys, RC4 algorithm used can be solved.
WEP uses a static key.
Problem of initialization vector (IV) WEP.
Message integrity problem Cyclic Redundancy Check (CRC-32).

WEP consists of two levels, namely 64-bit key, and 128 bits. Actually, the secret key on a 64 bit WEP key is only 40 bits, while 24bit is an Initialization Vector (IV). Similarly, the 128 bit WEP key, secret key consists of 104bit.

The attacks on WEP weaknesses include:

The attack on the weaknesses of the initialization vector (IV), often called the FMS attack. FMS stands for the name of the three inventors of the IV weakness Fluhrer, Mantin, and Shamir. This attack was done by collecting a weak IV as much as possible. The more weak IV is obtained, the sooner discovered the key that is used.
Getting a unique IV data obtained through the packet to be processed for WEP key cracking process more quickly. This method is called chopping attack, first discovered by h1kari. This technique only requires a unique IV thus reducing the need for IV are weak in WEP cracking.

Both of the above attacks require considerable time and packet, to shorten the time, the hackers usually do traffic injection. Traffic Injection is often done by collecting the ARP packet and then sends back to the access point. This resulted in the collection of initial vectors is easier and faster. Unlike the first and second, to attack traffic injection, required specification of tools and applications that start rarely found in stores, ranging from chipsets, firmware version, and versions of drivers, and not infrequently have to do patching of drivers and applications.