WPA to the Rescue!
In Chapter 3, we discussed some of the vulnerabilities of WEP. Let's refresh our memory.
First, remember that WEP uses a 24-bit IV as part of the seeding material that gets plugged into RC4. IVs should never be repeated, but this happens frequently because the 24-bit IV space gets exhausted after just a few hours in heavy traffic. When an IV is used twice (called an IV collision), WEP is vulnerable to key stream and replay attacks. A key stream attack is based on the fundamental principal that the XOR of two cipher texts equals the XOR of two plain texts. A replay attack takes a known key stream and uses it to forge a new packet. Replay attacks are possible because out-of-sequence IVs are accepted under WEP.
Another major issue ...
Get How Secure Is Your Wireless Network? Safeguarding Your Wi-Fi LAN now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
