In the past, you might have heard something about dangers of WEP encryption and about the fact that you shouldn’t use it on your home network. Why do people advise against using it and what is WEP?
Now it’s time to break down what WEP means and all of the flaws that come with it.
What WEP Is
WEP stands for “Wired Equivalent Privacy,” and it’s one of the early-day security protocols for Wi-Fi. When you use Wi-Fi, your computer sends packets of data to your router. If these packets aren’t encrypted, hackers can peek at them and see the data within. This tactic is known as a Man-in-the-Middle (MitM) attack.
If the packets are encrypted, then anyone performing a MitM attack on the network will see what you’re sending. That’s what WEP solved; it encrypted your data so people couldn’t peer into the packets.
How Does It Work?
WEP uses a data encryption scheme that is based on a combination of user- and system-generated key values. The original implementations of WEP supported encryption keys of 40 bitsplus 24 additional bits of system-generated data, leading to keys of 64 bits in total length. To increase protection, these encryption methods were later extended to support longer keys, including 104-bit (128 bits of total data), 128-bit (152 bits total), and 232-bit (256 bits total) variations.
When deployed over a Wi-Fi connection, WEP encrypts the data stream using these keys so that it is no longer human-readable but can be processed by receiving devices. The keys are not sent over the network but are stored on the wireless network adapter or in the Windows registry.
Why Is It Insecure to Use WEP?
If you want to understand WEP’s major flaw, let’s imagine a company that produces puzzle books. These books are renowned for being filled with incredibly tricky puzzles which require a lot of computational power to solve. Due to the extreme difficulty of the book, people like to collaborate to solve the puzzles.
The writers of the book want to fill it with enough content so that they can publish another one before the readers complete the current edition. If the general public solves the book before the book publishers release a new one, they have to get a new book out ASAP.
The Strength of Each Puzzle Book
The “strength” of each book can be broken down by these properties:
- The complexity of the puzzles. If the puzzles are harder to solve, the readers take more time to crack them. In the first few editions of the book, the puzzles were quite hard; however, after seeing how readers cracked previous editions, the puzzle setters have made them more devious over the years.
- The number of puzzles. As the puzzle setters get better at making puzzles, they can also fit more puzzles into each book as time goes on. This then extends the time needed to solve the book.
- The number of people who buy the book. If only one person buys the book, they’ll take a very long time to finish it. Conversely, if one thousand people buy it, the time it takes to solve a book shortens drastically.
From these three properties, you can make a rough estimate of how long it will take to solve a whole book. For example, if it takes a month for one person to solve one puzzle, and the book contains a thousand puzzles, it’ll take a dedicated team of one hundred people to solve the book within 10 months. As such, the next book should be ready to go before 10 months has passed.
This does mean that the older the puzzle book, the higher the chance that it’s solved already. This is especially true for the first few editions of books, which contains easier and fewer puzzles than later versions.
Why WEP’s Age Works Against It
In the same vein, WEP’s age makes it an insecure choice for encryption. It was the first protocol created for Wi-Fi, it has been out since 1997, and millions of people have used it since then.
From the puzzle book example, WEP would be the very first puzzle book to be released and fully solved. People on the internet can easily find tools that can break open WEP security, much like how people could search all the answers for the first puzzle book.
How WEP Security Cracked by Hackers
The main problem with WEP is that it only uses one static key when sending data from your computer. This wasn’t a problem when WEP first arrived; however, as time went on, hackers cracked the code behind the keys. As such, once a hacker knows the key for your Wi-Fi communication, they can break the encryption and read the data you’re sending.
Of course, a hacker can’t just apply a key and hope for the best—there are lots of WEP keys your computer can pick. However, hackers can keep an eye on the packets and monitor patterns in the encryption. Then, they work out what key fits the profile and crack the code.
It’s now at the point where people can download tools which automatically do this for them. They point the program toward a WEP-enabled network and leave it to monitor the pattern and crack the password by itself. As such, using a WEP-based connection in this day and age is very dangerous.
Does Anyone Still Use WEP?
If WEP came out in 1997, then surely everyone has upgraded their networks by now?
Unfortunately, WEP is still around on some ancient systems. Usually, this is because someone set up a system a long time ago, and the people who run it are unaware of the security risks that arise if you don’t upgrade.
As long as the system runs as it should, the organization won’t feel the need to upgrade. Some businesses are still using Windows XP, after all!
What Should You Do If You Use WEP Security?
If you use WEP on your home network, you are at risk of people snooping on your connection. As such, it’s worth upgrading to a stronger network protocol to keep people out.
Ideally, you’re on the lookout for a router that supports WPA2. WPA2 is a secure protocol that’s tougher to crack than WEP. It’s not perfect, but it’ll secure your network a lot better than WEP.
If you feel like spending a little extra, you can buy routers with WPA3 enabled, which is even stronger; however, at time of writing, WPA3 is still an emerging protocol and may cost you extra for the luxury.
Alternatively, if you find your current router’s signal gets unstable at long distances, you can use this opportunity to purchase a long-range model. Be sure to take a look at the best long-range Wi-Fi routers for some ideas.
What Replacements Are for WEP
WPA replaced WEP in 2004, and WPA2 replaced WPA. Although running a network with WEP enabled is better than running with no wireless encryption protection at all, the difference is negligible from a security perspective.
While WEP used to be secure, hackers chipped away at its defenses over time. Now, WEP is at the point where a budding hacker can download a tool that does all the work for them. If you use WEP, it’s a good idea to upgrade your security and avoid MITM attacks.