If you’ve set up a wireless network before, you’ve probably read or been told to use WPA2 instead of WEP, because WEP is bad. Why is that? And what is WEP anyway?
Good questions. WEP was the first standardized way of securing wireless networks. It encrypts your data – which is good – but doesn’t do so well enough to stop people from eavesdropping – which is bad. The main problem with WEP is that it’s been solved, meaning anyone can break into a WEP network using freely available tools.
Imagine if a particular kind of lock for a door could be opened using only a credit card – just slide the card beneath the latch, pull up and you’re in. That’s a problem, right? Anyone who knows about this weakness could open any door using this lock.
Now imagine if most people knew that this particular kind of door could be easily opened. You wouldn’t use that door to protect your house – it’s a little better than not locking your door at all, but not much. Because that lock has a weakness, and everyone knows what that weakness is, that lock is effectively no longer useful.
WEP has a weakness, and everyone knows what that weakness is. WEP is a little better than not securing your wireless network at all, but not much. If you use WEP anyone can crack your code in minutes and start using your WiFi – and monitoring everything you do online. This could mean kids using your wireless to download TV episodes, or it could mean criminals stealing your identity. Either way, it’s not worth it.
Cracking WEP keys isn’t quite as simple as sliding a credit card to open a door, but it’s pretty close. Don’t believe me? Check out James’ tutorial for cracking a WEP network using Backtrack Linux. You’ll be amazed how simple the process is. There’s a reason the credit card industry banned processing payments over a WEP network – it’s fundamentally insecure.
What Is WEP?
WEP stands for Wired Equivalent Privacy. It’s hard to think of something more secure than a direct, wired transfer of information – unless someone has access to the wire they can’t do anything to intercept the signal. So WEP’s name outlines the reason it exists – to bring the security of a wired connection to the world of wireless communication.
If there’s no security on your wireless router, that’s a problem. Unless individual sites offer security, everything you do online can be seen by anyone close to your network curious enough to snoop on you. They don’t even need to connect to your network: you’re literally broadcasting it. Every password, every search, every naughty image downloaded – unless the sites you browse all use SSL to encrypt traffic (i.e., you see “https://” in the address bar) you’re vulnerable.
WEP was designed to stop such snooping by encrypting your traffic. And it worked, for a while. WEP became a standard in 1999, but by 2001 it was completely solved – anyone could crack a WEP network and watch what happens on it, quickly. This also allows unauthorized people to connect to your network, giving them access to any shared files and more, depending on their skill.
Why Does WEP Suck?
This 2001 paper, by Nikita Borisov, Ian Goldberg, and David Wagner of UC Berkeley, outlines the failings of WEP nicely. Read it if you want a full explanation of WEP’s shortcomings.
It’s a hard flaw to boil down without jargon, but I’m going to try. A standard network encrypted by WEP uses two keys to encrypt every bit of information sent. The first is your password, which is set up on the router and typed by users like you who’d like to connect to the network. The second key used to encrypt all information is a randomly generated one, called an IV (short for initialization vector).
Again, I’m simplifying here. If you can explain better, please do so in the comments below.
Assuming every IV key is completely different from every other IV key, there is no problem. But you can’t assume that: because WEP uses such short IV keys, there are only around 16 million possible ones. IV keys are so short that there aren’t enough of them to go around. Because of the sheer volume of information transferred, it’s inevitable that there will eventually be a repeat. And once a repeat happens it’s easy to figure out what the message being transferred is – and from there to figure out what every bit of information being transferred is, regardless of IV key. You have the password, giving you full access.
There are many different ways to hack a WEP network at this point, but most of them boil down to this in some way. Again, read this paper if you want more specifics.
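To make the repeat problem concrete, here is an added example (not from the original article or the paper) that encrypts two packets under the same IV and shows that whoever knows one message can read the other without the password, then estimates how quickly a 24-bit IV repeats. The key, IV and messages are constructed sample values, the IVs are assumed to be picked at random, and WEP's integrity checksum is left out.

```python
import math

IV_BITS = 24  # WEP's IV length; 2**24 is the "around 16 million" above

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher: XOR data with the keystream derived from key."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                         # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_encrypt(iv: bytes, shared_key: bytes, plaintext: bytes) -> bytes:
    """Per-packet RC4 key is IV || shared key (integrity checksum omitted)."""
    return rc4(iv + shared_key, plaintext)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def recover_with_known_plaintext(c_known, p_known, c_target) -> bytes:
    """Same IV means same keystream, so c_known ^ p_known decrypts c_target."""
    return xor(xor(c_known, p_known), c_target)

def iv_collision_probability(packets: int) -> float:
    """Chance that at least two of `packets` randomly chosen IVs are equal."""
    space = 2 ** IV_BITS
    log_no_repeat = sum(math.log1p(-i / space) for i in range(packets))
    return 1.0 - math.exp(log_no_repeat)

# Constructed sample values, not taken from a real network.
KEY = b"\x01\x02\x03\x04\x05"                 # 40-bit shared key
IV = b"\xaa\xbb\xcc"                          # the repeated IV
P1 = b"GET /index.html HTTP/1.1"              # message the eavesdropper can guess
P2 = b"password=correct-horse!!"              # message the eavesdropper wants
C1 = wep_encrypt(IV, KEY, P1)
C2 = wep_encrypt(IV, KEY, P2)

if __name__ == "__main__":
    print(recover_with_known_plaintext(C1, P1, C2))   # second message, no key used
    print(f"{iv_collision_probability(5000):.2f}")    # repeat odds after 5000 packets
```

With random IVs a repeat is more likely than not after only about 5,000 packets, which is why a longer password does not help: the reuse happens in the IV, not in the key you typed into the router.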
What To Use Instead?
When it became obvious WEP was fundamentally flawed, another protocol was created to replace it – WPA. But even that was intended to be temporary, and is also vulnerable in some ways. That’s why it’s recommended that you secure your network using WPA2 today. It’s not foolproof, but with a secure password your Internet traffic over WPA2 is as secure as possible.
Curious just how secure you are? Read James’ piece on how easy it is to crack a WiFi network, which outlines flaws in WPA2 and provides tips for further security.
If your router doesn’t support WPA2 it’s seriously time to replace it. If that’s not an option right now, Christian outlined how to secure your wireless network in the short term by assigning it an aggressive name. It’s not a long-term solution but it’s better than nothing.
Do you have any other security tips? Share them in the comments below, because I always value a conversation.