2

I know that WEP uses stream cipher encryption. The key stream = RC4(IV, K).

My question is: The shared symmetric key is the same for all users? Or each user has it's own symmetric key. Also, how can a user get this key?

AleksanderCH
  • 6,435
  • 10
  • 29
  • 62
Jorge Martins
  • 23
  • 4
  • 2
    Yes, the shared symmetric key is the same for all users. Users get the key from owner of the access point (AP). – Aedvald Tseh Dec 26 '19 at 18:27
  • Thanks. So users that know the secret key can decrypt other users messages, since the IV is public, right? – Jorge Martins Dec 26 '19 at 20:38
  • 1
    Yes, according to chapter authentication in https://en.m.wikipedia.org/wiki/Wired_Equivalent_Privacy. After the authentication and association, the pre-shared WEP key is also used for encrypting the data frames using RC4. – Aedvald Tseh Dec 26 '19 at 21:14

1 Answers1

3

The shared symmetric key is the same for all users?

The shared key is exactly the same for each user, assuming they are connected to the same WEP access point. Because the nonce is concatenated with the key and fed directly into RC4, each wireless frame is technically using a different key (at least until the small 24-bit nonce repeats).

This is unlike 802.11i (WPA2), where a symmetric key called the PTK is derived in the 4WHS (4-way handshake) that is specific to that user and their current session, although this does not prevent a user who knows the PSK (via the passphrase) and has captured the 4WHS from deriving the PTK. Each user does, however, share a secret key called the PSK, though it is not directly used for encryption.

Also, how can a user get this key?

The user can obtain the key either by asking the AP owner for it, or by exploiting one of any numerous weaknesses in the WEP protocol to crack the key and use it for authentication or to decrypt/inject data.

forest
  • 15,253
  • 2
  • 48
  • 103