WEP uses RC4 stream encryption, for a fresh key stream for each packet.
The Init Vector & the key are combined to get per-packet key which is used to generate RC4 keys stream.
The RC4 is one of the major culprits in the security issues.
Part of the weakness of RC4 has to do with the combo of Init. Vector and Plain Text chipper.
24 bit Init vector is finishing a cycle of 2 in the power of 24 in about hour and then repeats.
Repeating Init Vector plus knowledge about the plaintext language, makes guessing the plaintexts simpler.
It is an interim solution that is used now until 802.11i comes out.
It still using RC4, but the Key was changed to TKIP.
TKIP basically works by generating a sequence of WEP keys based on a master key, and re-keying periodically before enough volume
of info. could be captured to allow recovery of the WEP key. TKIP changes the Key every 10,000 packets, which is quick enough to
combat statistical methods to analyze the cipher.
TKIP also adds into the picture the Message Integrity Code (MIC). The transmissionís CRC, and ICV (Integrity Check Value) is
checked. If the packet was tampered with. WPA will stop using the current keys and re-keys.
The Future (probably in mid 2005
will come with the release of 802.11i).
The Big Change will be
Advance Encryption Standard (AES).
802.11i will change the WPA RC4 usage to employ AES.
Referred to as WPA2 the main difference
for regular user would be.
WPA uses (as describe above) TKIP/MIC
WPA2 uses AES-CCMP Encryption
AES aka the Rijndael algorithm is a secure, fast symmetric cipher that is easily implemented in hardware.
AES has its own mechanism for dynamic key generation. It's also resistant to statistical analysis of the cipher text.
Counter-Mode/CBC-MAC Protocol (CCMP)
called the Advanced Encryption
Would this be full proof forever? I doubt, but it is a step in the
Note* some features might be
"mixed and matched" in current Non Standard releases.