Which WEP authentication is more secure, open or shared
secret?. The obvious answer is the shared secret, but as WEP is vulnerable, the
shared secret authentication can give the hacker a way to authenticate and to transmit
traffic without even knowing the shared secret.
By capturing the challenge and its encrypted form one can retrieves the Keystream (by XORing the 2 values) corresponding to a particular IV (Initialization Vector), having this, a hacker can authenticate and transmit packets.
Open Authentication is considered more secure, because there is no challenge so no way to get the keystream from the authentication phase.
Anyway, the wise advice is to keep away from WEP
By capturing the challenge and its encrypted form one can retrieves the Keystream (by XORing the 2 values) corresponding to a particular IV (Initialization Vector), having this, a hacker can authenticate and transmit packets.
Open Authentication is considered more secure, because there is no challenge so no way to get the keystream from the authentication phase.
Anyway, the wise advice is to keep away from WEP
No comments:
Post a Comment