WEP

wrathrow11wrathrow11 Member Posts: 5 ■□□□□□□□□□
I got got one question for WEP. Why does it uses 24-bit IV to prepend with 40 or 104-bit key? Why not a bit higher, which suppose to be more secure? If it is because of the design, why did they choose 24-bit?

Comments

  • RussSRussS Member Posts: 2,068 ■■■□□□□□□□
    hmmm - why is an orange round?

    Seriously I would think that perhaps they were taking into account the computational abilities of things like older machines and PDAs. I think that with a little research you will find an appropriate answer.
    www.supercross.com
    FIM website of the year 2007
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 12,032 Admin
    wrathrow11 wrote:
    I got got one question for WEP. Why does it uses 24-bit IV to prepend with 40 or 104-bit key? Why not a bit higher, which suppose to be more secure? If it is because of the design, why did they choose 24-bit?
    The smaller value was probably considered a good balance between an easily crunchable encryption scheme for smaller processors and a reasonably secure WLAN.

    The TKIP (Temporal Key Integrity Protocol) in WPA uses a 48-bit IV (Initialization Vector) as one the enhancements to the WEP encryption engine. It seems the 24-bit IV in WEP didn't do much to make a WLAN secure, as evidence from the AirSnort (airsnort.shmoo.com) and WEPcrack (wepcrack.sourceforge.net) programs.

    Remeber that WEP is suppose to give an 802.11 network the equivalent privacy of an 802.3 network--which is not inherently secure in the first place. When you think about it, encryption is the only real security applicable to bits flying through the air.
Sign In or Register to comment.