3

WEP is now considered as insecure. But how about the 256-bit WEP? Could someone explain why a 256-bit encryption isn't enough?

'A 256-bit WEP system is available from some vendors. As with the other WEP-variants 24 bits of that is for the IV, leaving 232 bits for actual protection. These 232 bits are typically entered as 58 hexadecimal characters. ((58 × 4 bits =) 232 bits) + 24 IV bits = 256-bit WEP key'

user129789
  • 425
  • 1
  • 5
  • 7

1 Answers1

4

Yes. 256-bit WEP is insecure. There are a broad range of attacks against WEP. Most of them aren't affected by the key length. Wikipedia has references to many attacks on WEP; for more, read those references. Don't use WEP. Go straight to WPA2.

D.W.
  • 36,365
  • 13
  • 102
  • 187
  • No, I am not using WEP. Just trying to understand why 256-bit encryption is not strong enough. While 256-bit keys are considered secure, when talking about AES for example. What are the names of this attack? – user129789 Jul 22 '13 at 04:01
  • @user129789, I've edited my answer to include a link to the Wikipedia article that lists a number of attacks on WEP. That should be enough to give you references to the research papers or other descriptions of those attacks. The problems in WEP have to do with mis-use of cryptographic primitives, and are not related to key length (longer keys can prevent exhaustive keysearch, but if the WEP attacks are shortcut attacks that do not need to try all possible keys). – D.W. Jul 22 '13 at 04:07
  • Wikipedia states that 'leaving 232 bits for actual protection'. So, you are saying that you don't need to crack the 232 bits? Then how many (bits) of the 232 bits do you need to crack? – user129789 Jul 22 '13 at 04:16
  • 1
    @user129789 Let me explain with an analogy: installing a super high security vault door won't matter if your window is open. Or the chimney, cellar door, back entrance and sewer connection for that matter. – orlp Jul 22 '13 at 06:31
  • @nightcracker: Could you explain it with the probability distributions mentioned by the authors: 'Andreas Klein showed that there is a correlation in RC4 between Keybytes 1 to i-1, the keystream and the keybyte i. If the keybytes 1 to i-1 and the keystream are known, it is possible to guess the next unknown keybyte with a probability of about 1.36/256' – user129789 Jul 22 '13 at 06:35