We've Moved!
Visit SDSU’s new digital collections website at https://digitalcollections.sdsu.edu
Description
The wired equivalent privacy is a security standard designed in the year 1999 by the institute of electrical and electronics engineers to provide security in a wireless network. Although WEP was deprecated in 2004 due to many security flaws, it is surprisingly widely used. For instance, in our research, we found an internet site that tracks unique wifi networks in its database claiming that about 25% (of roughly 85356393) of those networks it has documented, still use wired equivalent privacy encryption. In this thesis, we gave a general descriptive overview of the multiple parts of the security standard. We described the authentication options provided by this standard, along with the error correcting code used in the standard. In this thesis, we also described the types of errors that the error detecting code fails to detect; we then demonstrated how the error detecting code is fooled into accepting certain codewords even though these codewords were not error free. In this thesis, we also described the encryption algorithm "Ron's Code 4" which is one of the major parts of the security standard since it is used to guarantee the privacy of information. After, describing in details how the encryption and decryption is done, we describe one of the most damaging attacks on the security standard. The Fluhrer-Mantin-Shamir attack is one of the earliest attacks that took advantage of certain initialization weaknesses in the encryption algorithm to give attacker knowledge of the secret key used by the encryption code, thus giving the attacker free access to all the private data encrypted using this key. In this thesis, we described why this attack was so successful, and we demonstrated the effectiveness of the attack with examples.
