Shortcomings of plain wep security – Siemens IEEE802.11 User Manual

WLAN-IEEE802.11 Tutorial (Maximilian Riegel), 021018-wlan-tutorial.ppt

Page 60

© Siemens, 2002

Shortcomings of plain WEP security

n

WEP unsecure at any key length
– IV space too small, lack of IV replay protection
– known plaintext attacks

n

No user authentication
– Only NICs are authenticated

n

No mutual authentication
– Only station is authenticated against access point

n

Missing key management protocol
– No standardized way to change keys on the fly
– Difficult to manage per-user keys for larger groups

n

WEP is no mean to provide security for WLAN access,
– … but might be sufficient for casual uses.