Is WEP shared key authentication secure?

1142380 pts.
Tags:
Authentication
WEP
I'm pretty new to the security field and I've been reading up on wireless authentication / shared key authentication. It doesn't sound very secure to me. Basically, here's what I figured out:
  1. The station sends an authentication request to the access point.
  2. The access point sends challenge text to the station.
  3. The station uses its configured 64-bit or 128-bit default key to encrypt the challenge text, and it sends the encrypted text to the access point.
But if someone was actually monitoring the authentication, that person would have the text challenge in plain text / its encrypted counterpart. So then figuring out thew passphrase would be pretty simple. Is that how it works? I would appreciate any help.
1

Answer Wiki

Thanks. We'll let you know when a new response is added.

You are correct in your concern. WEP is no longer considered secure and should not be used in most cases. WEP’s main problem is that it uses a static key that, as you surmise, can be captured and cracked. The only advantage to using WEP is that all devices support it. So, if you have older equipment, you can still put WEP on it. It’s better than nothing.

The current strongest wireless security standard is WiFi Protected Access 2 (WPA2) which is based on 802.11 and provides government grade security. WPA2 uses AES encryption and is virtually impossible to crack without physical access to the network.

You still need to use a strong passphrase for WPA2. For sure don’t rely on the default settings of any wireless router and never use WiFi Protected Setup (WPS); it is vulnerable to brute-force attack. Set up your access point manually.

Discuss This Question:  

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.

Following

Share this item with your network: