ID: 3797756 • Letter: E
Question
Eve passively snoops on an 802.11 network with WEP. Assume that the WEP implementation uses a 40-bit PSK. Eve observes a WEP authentication challenge L and the corresponding response:

C = E_k(L) = L ⊕ RC4(IV | PSK)

(a) How can Eve identify that an 802.11 frame is an authentication challenge or response? Explain your answer.

(b) Provide pseudo-code for a brute-force algorithm that recovers (outputs) the PSK. What are the inputs to the algorithm? Explain the operation of your pseudo-code.

(c) Assume an RC4 implementation that can initialize (via the KSA) and produce n bytes of keystream in n + 10 microseconds. Assume that the PSK can be any sequence of 40 bits. What is the expected amount of time before recovering the PSK using your algorithm in the previous question? Show work and/or explain your answer.

(d) Now, assume that the PSK is printable ASCII (0x20 - 0x7E). What is the expected amount of time before recovering the PSK using your algorithm in the previous question? Show work and/or explain your answer.

(e) Would Eve's algorithm work better if she observed a second authentication challenge and response with a different IV? Explain your answer.
Explanation / Answer
WEP security involves two parts, authentication and encryption. Authentication in WEP involves authenticating a device when it first joins the LAN. The authentication process in wireless networks using WEP is meant to prevent devices/stations from joining the network unless they know the WEP key.

WEP Authentication

In WEP-based authentication, the wireless device sends an authentication request to the wireless access point; the access point then sends a 128-bit random challenge in clear text to the requesting client. The wireless device uses the shared secret key to sign the challenge and sends it to the wireless access point. The wireless access point decrypts the signed message using the shared secret key and verifies the challenge that it sent before. If the challenge matches, authentication succeeds; otherwise it fails. Unfortunately, in WEP, no secret key is exchanged after authentication. The same secret key or shared key is used for both authentication and encryption, so there is no way to tell whether the subsequent messages come from the trusted device or from an impostor. This kind of authentication is prone to man-in-the-middle attacks. This authentication is really not a best effort here. In the Wi-Fi specification, authentication was completely dropped, despite being in the IEEE 802.11 standard.
WEP uses the RC4 stream cipher to encrypt data between the access point and the wireless device. WEP uses 8-bit RC4, which operates on 8-bit values by creating an array of 256 8-bit values as a lookup table (8 bits of 8-bit values).

WEP Encryption

WEP uses a CRC for data integrity. WEP performs a CRC (Cyclic Redundancy Check) checksum operation on the plaintext and generates a CRC value. This CRC value is concatenated to the plaintext. The secret key is concatenated to the Initialization Vector (IV) and fed into RC4. Based on the secret key and IV, RC4 generates a keystream. The keystream and the plaintext+CRC message are XORed together; the result is the ciphertext. The same Initialization Vector that was used before is prepended in clear text to the resultant ciphertext. The IV + ciphertext, along with the frame headers, are then transmitted over the air.
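As an added example, not part of the original answer and not code from any real WEP implementation, the following Python models the steps the answer describes: RC4 key scheduling and keystream generation, the CRC-32 integrity value appended to the plaintext, the per-frame key IV || PSK, and the clear-text IV prepended to the ciphertext. It then shows the access-point side of the challenge/response check (C = L ⊕ RC4(IV | PSK)) and, as a defender's illustration of why a single shared key plus a clear-text IV is weak, that two frames encrypted under the same IV leak the XOR of their plaintexts without any key. The function names, the 40-bit key, the IV, the challenge and the messages are constructed sample values chosen for this example.

```python
"""Added example (not from the original answer): a toy model of WEP
authentication and per-frame encryption.  Key, IV and messages are
constructed sample values; all function names are this example's own."""
import struct
import zlib


def rc4_ksa(key: bytes) -> list:
    """RC4 key-scheduling algorithm: build the 256-entry state array S from the key."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Run the KSA, then the PRGA, and return the first n keystream bytes for `key`."""
    S = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(psk: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP per-frame encryption as the answer describes it: the CRC-32 ICV is
    appended to the plaintext, the result is XORed with RC4(IV || PSK), and the
    24-bit IV is prepended in the clear.  Returns IV || ciphertext."""
    assert len(iv) == 3, "WEP IV is 24 bits"
    icv = struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)
    body = plaintext + icv
    keystream = rc4_keystream(iv + psk, len(body))   # per-frame key = IV || PSK
    return iv + xor_bytes(body, keystream)


def wep_decrypt(psk: bytes, frame: bytes):
    """Reverse wep_encrypt. Returns (plaintext, icv_ok)."""
    iv, ciphertext = frame[:3], frame[3:]
    body = xor_bytes(ciphertext, rc4_keystream(iv + psk, len(ciphertext)))
    plaintext, icv = body[:-4], body[-4:]
    icv_ok = struct.unpack("<I", icv)[0] == (zlib.crc32(plaintext) & 0xFFFFFFFF)
    return plaintext, icv_ok


def ap_verify_response(psk: bytes, challenge: bytes, response_frame: bytes) -> bool:
    """Access-point side of shared-key authentication: decrypt the station's
    response C = L XOR RC4(IV || PSK) and check that it equals the challenge L."""
    plaintext, icv_ok = wep_decrypt(psk, response_frame)
    return icv_ok and plaintext == challenge


def keystream_reuse_leak(frame1: bytes, frame2: bytes) -> bytes:
    """Why a clear-text IV under one shared key is a risk: two frames with the
    same IV use the same keystream, so XOR of their ciphertexts equals XOR of
    their (plaintext || ICV) bodies.  No key is needed to compute this value,
    which is what makes IV reuse detectable and worth alerting on."""
    assert frame1[:3] == frame2[:3], "demonstration needs the same IV"
    return xor_bytes(frame1[3:], frame2[3:])


# Constructed sample values (not real network data).
PSK = bytes.fromhex("0102030405")   # 40-bit shared key
IV = bytes.fromhex("000001")        # 24-bit IV, sent in the clear
CHALLENGE = bytes(range(32))        # stands in for the AP's random challenge L

if __name__ == "__main__":
    response = wep_encrypt(PSK, IV, CHALLENGE)
    print("AP accepts response:", ap_verify_response(PSK, CHALLENGE, response))
    f1 = wep_encrypt(PSK, IV, b"first plaintext")
    f2 = wep_encrypt(PSK, IV, b"other plaintext")
    print("XOR of the two plaintexts, recovered without the key:",
          keystream_reuse_leak(f1, f2)[:15].hex())
```

The RC4 routine can be checked against the standard published test vector (key "Key" yields keystream starting EB 9F 77 81 ...). Note that the ICV is a CRC, not a MAC, so `icv_ok` only detects accidental corruption; it says nothing about who produced the frame, which is the point the answer makes about the same key serving both authentication and encryption.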