• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

IEEE 802.11 WEP Integrity Check Vulnerability

The Wired Equivalent Privacy (WEP) algorithm is used to provide confidentiality, integrity and authentication to the 802.11 protocol. WEP uses RC4 for encryption and CRC32 for message integrity.

Since flipping a bit in a message encrypted with RC4 results in the corresponding bit being flipped in the decrypted plaintext the use of CRC-32 in WEP allows an attacker to flip bits in the encrypted 801.11 packet and adjust the CRC so that the modified message passes the integrity check.