Network World
Saturday, November 22, 2008

Security Phreak


WEP – Where Everyone’s Permitted

The continued usage of WEP in wireless networks is staggering.

In fact, I'm not sure why it's allowed as an option at all.

You have two main security decisions to make when setting up a wireless network.

Do you want to implement security with your network? And if so, which security protocol will you support?

I have learned to accept that many people choose to forgo security, as a trade for ease of usage. Others, who want to secure their network from unauthorized users, have several security options, which differ in strength.

When using the misnamed Wired Equivalent Privacy, you have two levels of protection, 64- or 128-bit. Or, for those keeping score, WEP-40 and WEP-104 (with IV removal). The true misnomer, though, is the inclusion of the word "protection".

Employing WEP has become essentially equivalent to free open access. Exploiting the RC4 stream cipher has been a hacker pastime for the past 6 years. Taking advantage of the cryptographic weaknesses of WEP, the cracking applications WEPcrack and Airsnort were both released back in 2001.

With time, the cracking process evolved in efficiency and simplicity. This led to a tremendous number of websites that provided simple tutorials on WEP cracking. Disbelievers, or those still unknowing, can learn here, here, or watch a video tutorial here.

Today's hacking toolkits contain user-friendly applications with simple GUIs, providing WEP keys to any script-kiddie or n00b in need. Furthermore, researchers have reduced the amount of traffic and time required to crack 104-bit keys to less than 60 seconds of packet capturing and a few seconds of processing.

To get an estimate of WEP's prevalence in wireless networks today, check out some of the statistics over at the comprehensive Wireless Geographic Logging Engine (WIGLE).

Using their geographic navigation maps, I was even able to accurately view most of the residential wireless networks of my Podunk town in South Carolina (verified by a local wardriver that I....um...know).

With over 14 million unique wireless networks in the WIGLE database, approximately 6.5 million, or 46%, are using WEP. Furthermore, approximately 17% are broadcasting their default SSIDs, of which Linksys is the current leader.
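To run the same kind of census on networks you are responsible for, the classification can be made from a single beacon frame. The following is an added example, not code from the original post or from WIGLE: it parses an 802.11 beacon body and labels the network WEP when the Privacy capability bit is set but neither an RSN nor a WPA element is advertised. The sample beacons and the one-entry default-SSID list are constructed for illustration.

```python
import struct

PRIVACY_BIT = 0x0010                      # Capability Information "Privacy" flag
EID_SSID, EID_RSN, EID_VENDOR = 0, 48, 221
WPA_OUI_TYPE = bytes.fromhex("0050f201")  # vendor IE: OUI 00:50:F2, type 1 = WPA
DEFAULT_SSIDS = {"linksys"}               # assumption: extend with your vendors' defaults

def parse_beacon_body(body: bytes) -> dict:
    """Classify a beacon frame body (the bytes after the 24-byte MAC header)."""
    if len(body) < 12:
        raise ValueError("beacon body shorter than its fixed fields")
    # Fixed fields: timestamp (8), beacon interval (2), capabilities (2)
    _ts, _interval, caps = struct.unpack_from("<QHH", body, 0)
    ssid, has_rsn, has_wpa = "", False, False
    pos = 12
    while pos + 2 <= len(body):           # walk the tagged elements
        eid, length = body[pos], body[pos + 1]
        value = body[pos + 2:pos + 2 + length]
        if len(value) < length:           # truncated element: stop, keep what we have
            break
        if eid == EID_SSID:
            ssid = value.decode("utf-8", errors="replace")
        elif eid == EID_RSN:
            has_rsn = True
        elif eid == EID_VENDOR and value[:4] == WPA_OUI_TYPE:
            has_wpa = True
        pos += 2 + length
    # RSN wins on mixed-mode networks; Privacy with no WPA/RSN element means WEP.
    security = ("RSN/WPA2" if has_rsn else "WPA" if has_wpa
                else "WEP" if caps & PRIVACY_BIT else "open")
    return {"ssid": ssid, "security": security,
            "default_ssid": ssid.lower() in DEFAULT_SSIDS}

def make_beacon(ssid: str, caps: int, *elements: bytes) -> bytes:
    """Build a constructed beacon body for the demonstration below."""
    s = ssid.encode()
    return struct.pack("<QHH", 0, 100, caps) + bytes([0, len(s)]) + s + b"".join(elements)

# Constructed sample data, not captured traffic.
RSN_IE = bytes([48, 2, 1, 0])             # minimal RSN element (version field only)
WPA_IE = bytes([221, 6]) + WPA_OUI_TYPE + b"\x01\x00"
SAMPLES = [make_beacon("linksys", 0x0011), make_beacon("office", 0x0011, RSN_IE),
           make_beacon("guest", 0x0001), make_beacon("legacy", 0x0011, WPA_IE)]

if __name__ == "__main__":
    for result in map(parse_beacon_body, SAMPLES):
        print(result)
```

Any access point this reports as WEP, or as carrying a default SSID, belongs on the replacement or reconfiguration list.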

It's been just over a year since the TJHacks incident went public, where we witnessed what happens when a multibillion-dollar company is a little slow to update its wireless security protocols. Ooops!

Bottom line: WEP needs to be abandoned, outlawed, and possibly destroyed, not fixed.

That means no WEP2, WEP+, or Dynamic WEP.

This also applies to the ridiculous amount of time and research wasted on developing WEP protection mechanisms like WEP Cloaking, WEP Guard, or WEP key changers.

Has Joshua Wright taught us nothing?

Why are security acronyms like WPA2, LEAP, PEAP, TLS, TKIP, etc. still unknown to network admins? ("etc" is not a security acronym)

Why do any industry compliance standards even mention WEP as any kind of implementation option?

Everyone has legacy equipment incapable of supporting newer security protocols. Budgetary constraints may be partially responsible for the impeded hardware upgrades necessary to meet current security standards. But how many more security breaches or identity thefts (yes, WEP is responsible for many of these) must occur before this problem is adequately and uniformly addressed?

Hopefully, one day, people will start realizing that a security algorithm introduced by the IEEE in 1994 (rev. 1) is inadequate 14 years later.

Should standards and protocols come with expiration dates?

My SSID is NSFnet, and my WEP key is e1ee7c0de5. Login at:


About Security Phreak


With 20+ years of industry experience, Noah Schiffman is a former black-hat hacker turned security consultant. Coding at an early age, he developed one of the early text/graphic editing applications and started his first software company in 1980 when he was 11 years old. With the advent of networking technologies, he soon mastered the art of manipulating telco switching systems, known as "Phone Phreaking". This soon led to his career as a computer hacker, performing penetration testing, reverse engineering, cryptographic attacks, corporate espionage, digital surveillance and other ethically questionable projects.

His clients have consisted of Fortune 500 companies and various government agencies.

He has authored a number of articles for SearchSecurity.com, on topics ranging from kernel mode and metamorphic viruses to corporate data loss prevention.


The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.
