Chicago Indymedia : http://chicago.indymedia.org/archive

Interview :: Miscellaneous

Co-Host

Pro-OpenSource Computer Show (Not Microsoft) - Interview with HotHardware's Founder Dave AltaVilla. Nerd Knows - WEP.
We've all heard about how insecure and easily crackable WEP is. WEP is the encryption method used on wireless networks in an attempt to make them just as secure as an unencrypted wired network. However, a couple of years ago it was proven that WEP can be broken, and there are now free utilities out there that can easily do this.

So on one side, you have the group of people that say that WEP is good enough for just a regular home user, and on the other side you have the group of people saying that WEP can be cracked in five minutes and you must use some other form of security. So I decided to figure out just how easy or difficult it would be to crack into a WEP-encrypted network.

Here's how it works. When a wireless network with 128-bit WEP is configured, you enter 26 hex characters for an encryption key. Doing the math, this is only 108 bits, so that means that there are 24 bits missing. These 24 bits are still there. They're called the Initialization Vector, or IV. The IV is automatically generated by your network card and added to the encryption key that you've entered to make a full 128 bits. The IV is supposed to be random, but it's not. The IV can actually become predictable, and with a large enough sampling of packets the entire key can then be recovered. These predictable packets are called Weak-IVs. If someone could capture enough of these weak packets, the key could be recovered. However, not all wireless network data contains these packets, so a very large sampling is necessary.
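To put numbers on how rare weak IVs are, here is an added example; it is not code from this article or from Airsnort. It assumes the best-known weak-IV form (B+3, 255, X) from the Fluhrer-Mantin-Shamir analysis of RC4, a 13-byte secret (the 26 hex characters), and a constructed trace from a card that increments its IV as a little-endian counter; all function names are hypothetical.

```python
"""Added illustration: how rare the classic weak WEP IVs are (no key recovery)."""
IV_LEN = 3        # 24-bit IV, sent unencrypted in every frame
SECRET_LEN = 13   # the 26 hex characters typed in as the WEP key = 13 bytes

def per_packet_key(iv: bytes, secret: bytes) -> bytes:
    """RC4 key for one frame: the IV prepended to the shared secret."""
    if len(iv) != IV_LEN:
        raise ValueError("WEP IV must be exactly 3 bytes")
    return iv + secret

def is_weak_iv(iv: bytes, secret_len: int = SECRET_LEN) -> bool:
    """True for IVs of the form (B+3, 255, X), B = index of a secret byte."""
    if len(iv) != IV_LEN:
        raise ValueError("WEP IV must be exactly 3 bytes")
    return iv[1] == 0xFF and 3 <= iv[0] < 3 + secret_len

def weak_iv_count(secret_len: int = SECRET_LEN) -> int:
    """secret_len choices for byte 0, fixed byte 1, 256 choices for byte 2."""
    return secret_len * 256

def frames_per_weak_iv(secret_len: int = SECRET_LEN) -> float:
    """Average frames between weak IVs if IVs cover the space evenly."""
    return 2 ** (8 * IV_LEN) / weak_iv_count(secret_len)

def summarize(ivs, secret_len: int = SECRET_LEN) -> dict:
    """Count frames, weak IVs and repeated IVs in an observed IV sequence."""
    seen, weak, reused = set(), 0, 0
    for iv in ivs:
        weak += is_weak_iv(iv, secret_len)
        reused += iv in seen
        seen.add(iv)
    return {"frames": len(ivs), "weak": weak, "reused": reused}

def counter_ivs(n_frames: int, start: int = 0):
    """Constructed trace: IV as a little-endian counter that wraps at 2**24."""
    return [((start + i) % 2**24).to_bytes(IV_LEN, "little") for i in range(n_frames)]

if __name__ == "__main__":
    key = per_packet_key(bytes([3, 255, 7]), b"\x00" * SECRET_LEN)  # dummy secret
    print(len(key) * 8, "bit RC4 key per frame")
    print(weak_iv_count(), "weak IVs out of", 2 ** 24)
    print(round(frames_per_weak_iv()), "frames per weak IV on average")
    print(summarize(counter_ivs(70_000)))
```

For a 13-byte secret this gives 3,328 weak IVs in a space of 16,777,216, roughly one frame in 5,000, which is why the time to collect enough of them depends so heavily on traffic volume.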

I downloaded and installed a program called Airsnort, which is meant to monitor networks. I collected enough packets and ran the data through to successfully crack the key. This required nearly one million packets to be able to successfully “guess” the key. But the catch here is that it took nearly six days of collecting data for this to actually work.

This amount of time will vary based on the network's traffic. The file that I collected was over 500MB, so however long it takes for your network to generate that much traffic is about how long it would take for your network to be cracked.

So the conclusion here is that WEP is definitely not strong enough encryption for anything requiring security. A wireless home network should be set up with a higher level of encryption or security such as an internal firewall, so that if your wireless network is compromised, the worst an attacker could do would be to use your internet connection. Another good alternative, which will only work if your networking equipment is rather new, would be to use WPA with pre-shared keys and/or RADIUS authentication.


Nick Coons
PC Chat Computer Show
 
 
