Portal de Periódicos da CAPES

Wired equivalent privacy reinvestigated

2010; Taylor & Francis; Volume: 13; Issue: 2 Linguagem: Inglês

10.1080/09720529.2010.10698282

2169-0065

Amar Kumar Mohapatra, Nupur Prakash,

Cryptographic Implementations and Security

Abstract Security is a strong requirement for effective deployment of business wireless communication applications. Therefore, many proposals dealt with security holes in Wired Equivalent Privacy protocol (WEP). In this paper, we analyze WEP security holes and we propose an improvement over WEP which achieves its security goals. Our premise is to permit deploying an efficient security mechanism on wireless networks. We introduce an efficient way by using shared session keys as the seed to the RC4 stream cipher. The shared session key can be calculated at the sender’s and the receiver’s end simultaneously by using the Triple Formula. The solution calculates the key without transmitting any part of it in open air unlike IV vector which eliminates the possibility of a key leak. Security analysis shows that the proposed scheme is strong against some well known attacks like Key Reuse, Authentication forging, Denial of Service, Brute force and Known plain text attack.