WEP KEY sizes
WEP provided two Key Lengths for encryption
– 40 bit WEP Key
– 104 bit WEP Key
An Initialization vector (IV) of length 24 bits was added to these key lengths to make the WEP keys as 64 bit/ 128 bit keys.
Initialization vector (IV):
As is seen from the above, the key is constant for all data packet transmissions. A data frame encrypted with the key will output the same bytes even if it is encrypted many times.
As an example, consider that the frame contains the ASCII characters “VIVEK”, if the same key is used to encrypt the data – the key would output the same encrypted bytes every time the data is encrypted.
This would cause a security problem as an attacker would be able to look at the encrypted sequences ad figure out that the same output is being reproduced. This allows the attacker to deduce the Key in use.
To circumvent the above problem, the standard introduced the Initialization vector (IV) – a value that would be added to the WEP key configured to create the actual encryption key. For each data transmission – the Initialization vector changes and hence the encrypted output also changes. The Initialization vector is sent in the WEP MPDU so that the receiver can concatenate the Initialization Vector (IV) to the WEP key and decrypt the packet.
The below capture indicates the Initialization vector used with Key Index 0 default key to encrypt the data sent
