Security protocol standard

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.


Wireless Equivalent Protocol (WEP):

WEP is a security protocol standard ratified in 1999 by the IEEE as encryption standard for wireless local area networks (WLANs IEEE 802.11) and was designed to provide the same level of security as that of a wired LAN. In WLAN frame transmission is over the radio waves (air interface) and do not have the same security level as physical LAN and therefore are more vulnerable to attacks. WEP aimed to provide security between end points by encrypting data over radio waves, however it has been found that WEP is not that much secure, as it was believed once. WEP operates at the bottom 2 layers, the data link layer and physical layer of the OSI Model and therefore does not offer end-to-end security.

WEP relies on a shared secret key K between the communicating stations to protect data frame transmission. The RC4 encryption algorithm is used to generate key stream to encrypt data before transmission.


RC4 is a stream cipher created by Ron Rivest of RSA security in 1987.RC4 generates

A pseudorandom bits stream (Keystream), which is XORed with the plaintext to produce the Ciphertext. Therefore the Keystream is completely independent of the plaintext and has the same size as the plaintext.

Secret Key (K): size 40 or 104 bits.

Initialization vector (IV): IV is a block of 24 bits, required to allow a stream cipher algorithm execution in any of several unique keystream produced by the same encryption key.

RC4: is an algorithm that generates a Keystream with the help of initialization vector and secret key, therefore input for RC4 is

WEP Key = IV + K = 24 + 40 = 64 OR 24 + 104 = 128 bits.

Plaintext (P): Plaintext size is between 0 and 18496 bits and also contains 32 bits CRC check sum (to detect and correct error during transmission) this is called Initial Chaining vector (ICV).

Ciphertext (C): the Plaintext is XORed with the Keystream to produce Ciphertext.

Key Schedule Algorithm (KSA): KSA algorithm is based on the Secret Key (Length), which generates a random 256 S-Box's.

Pseudo random generation Algorithm (PRGA): PRGA generates streaming Key based on the RSA array S (S-Box).

A secret key size of 40 bits or 104 bits is combined with a 24-bit Initialization Vector (IV) given as input to the RC4 algorithm, which then generates Keystream. The Keystream is then XORed with plaintext P and its checksum CRC known as ICV (Initial Chaining Vector) to generate Ciphertext C for transmission over the air.

Weaknesses of WEP

  • The same IV (initialization vector) can be used more than once, makes WEP vulnerable to collision-based attacks.
  • With IV of 24 bits, we only have about 16.7 million of possible combinations.
  • Masters key instead of temporary key is directly used.
  • Most users usually do not change their keys. This gives hackers more time to crack the encryption.
  • Identification and authentication per-user was not supported.
  • Extended authentication methods such as certificates, smart cards, biometrics etc were not supported.
  • Dynamic key management, Per-station key management and rekeying support were not included.

Wi-Fi Protected Access (WPA):

WPA was created by the Wi-Fi Alliance to improve WEP several serious security weaknesses such as share key, small and week un-encrypted initialization vector (IV) were identified by the researchers. The WPA is designed to work with existing Wi-Fi products which using a WEP security features (i.e. software upgrade to existing hardware requires) but the technology includes two improvements over WEP.

  • Improved data encryption through temporal key integrity protocol (TKIP), which scrambles key using a Hash algorithm and, by adding an integrity-check feature, ensures key is not tampered.
  • User is authenticated (802.1x standard) through the extensible authentication protocol (EAP). EAP is based on a more secure public-key encryption system, which ensures that only authorized network users can access the network. While WEP does not include user authentication, WEP regulates access to a wireless network based on a computer's MAC (NIC) address, which is relatively simple to be sniffed out and stolen.

The Wi-Fi Protected Access (WPA and WPA2) is temporary standard and will be replaced with the IEEE's 802.11i standard after its completion, because WPA2 implements complete 802.11i standard.

Both WEP and WPA can be implemented in the available wireless LAN different standards, these wireless LAN standards are explained below.

  • 802.11: 802.11 is the original WLAN standard developed by IEEE; the later are extension to the original, it operates on 2.4GHz unlicensed frequency band 2470 - 2483 MHz (North America/Europe) and 2470 - 2499 MHz (Japan). At Layer2 it uses CSMA/CA (Carrier Sense Multiple Access /Collision Avoidance) and at Physical Layer it uses Frequency Hopping (FH) 1 Mb/s (only), Direct Sequence Spread Spectrum (DSSS) 1 and 2 Mb/s. Its duplex method is Time Division Duplex (TDD).
  • 802.11a: 802.11a standard operates at 5 GHz Unlicensed National Information Infrastructure (UNII) band and was standardised in 1999. At Physical Layer it uses Orthogonal Frequency Division Multiplexing (OFDM) and accommodates 52 users in a 20 MHz channel with speed of 6, 12 and 24 Mb/s and with optional speed of 9, 18, 36, 48 and 54 Mb/s. at Layer 2 MAC it uses CSMA/CA for multiples access. Its components cost is high and consume high power.
  • 802.11b: 802.11b is high-speed wireless LAN standards was released in 1999 based on a DSSS physical layer specifications. It operates on 2.4 GHz frequency band and offers 5.5 Mb/s and 11 Mb/s bit rates and uses CSMA/CA multiple access method at Layer 2. It is a low cost and is certified by the Wi-Fi alliance, is not interoperable with 802.11a, was popular in the market. The main drawback of this slandered is interference with appliances operating with same frequency band i.e. microwave oven, Cordless phone and Bluetooth devices etc
  • 802.11g: 802.11g is an extension to 802.11b was approved in 2003, combines the features of both 802.11a & 802.11b, and operates on 2.4 GHz frequency band with a data rate up to 54Mbps. At Layer2 MAC it uses (CSMA/CA) multiple access method and at Physical Layer 1 uses OFDM multiplexing techniques. It is certified by the Wi-Fi alliance with improved security and is compatible with 802.11b and is medium cost.
  • 802.11n: 802.11n standard is developed by US IEEE to raise the effective throughput of wireless local area networks (WLAN) to at least 100 Mbps with MIMO (multiple input multiple output) techniques using more antennas for sending and receiving. This operates on 2.4 or 5 GHz frequency band not yet finished.

Comparison of WEP and WPA:

WEP is the first security standard implemented in 802.11 wireless networks, as data transmission is over the open medium (air), needs to be protected from eavesdropping attacks. Due to the weakness found in WEP, the Wi-Fi alliance introduced Wi-Fi Protected Access (WPA) as an improvement to the WEP. The table bellow shows comparison between WEP and WPA.


  1. William Stallings,“ Cryptography and Network Security Principles and Practice”, 4th Ed, 2005, Prentice Hall.
  2. Bruce Schneier, “Applied Cryptography, (Protocol, Algorithm, Source code in C”, 2nd Edition, 1996, John Willey & Son Inc.
  5. Microsoft Corporation, “Windows Platform Design Notes Wi-Fi Overview”,