Initialization Vector Collisions
Since there have been noted problems with WEP, security concerns deal
explicitly with items like initialization vector (IV) collisions. The problem
lies with how the RC4 IV is employed to create the keys used to
drive a pseudorandom number generator used to encrypt wireless network
traffic. For example, the IV in WEP is defined as 24 bits, really
only a small space that can be misused by reusing keys. Furthermore,
WEP doesn’t define how the IV is designated, so that many wireless NIC
cards reset these values to a null value and then increment by one for
every use. This means that once a hacker has caught two packets using
the same IV or key, it is possible to discover information about the original
transmitted packets of information.
304 times read
Did you enjoy this article?
(total 0 votes)