Wireless Sensor Network, 2010, 2, 239-242
doi:10.4236/wsn.2010.23032 Published Online March 2010 (http://www.scirp.org/journal/wsn)
Copyright © 2010 SciRes. WSN
WEP and WPA Improvement
Mustafa ElGili, Samani A. Talab, Awad H. Ali
Department of Information Technology, University of Neelain, Khartoum, Sudan
E-mail: mustgili@hotmail.com
Received September 24, 2009; revised October 21, 2009; accepted October 25, 2009
Abstract
This paper aims to describe a solution to improve wireless network security protocols WEP and WPA based
on a modified RC4 algorithm for encryption, and based on initialization vector (IV) with secret key for a
session key exchange, and new mutual authentication mechanism.
Keywords: Wireless, Security, Authentication, WEP, WPA, RC4
1. Introduction
Wireless communications offer organizations and users
many benefits such as portability and flexibility, in-
creased productivity, and lower installation costs. How-
ever, risks are inherent in any wireless technology. The
loss of confidentiality and integrity and the threat of de-
nial of service attacks are risks typically associated with
wireless communications. WEP and WPA are designed
to protect, but they still have weaknesses discussed in
[1–8].
2. Related Work
Many solutions have been proposed for the remedy of
the WEP and WPA encryption, key exchange and mutual
authentication problems. Reference [9] proposes a sch-
eme similar to WEP. The difference is that in EWEP it
encrypts the concatenation of the message and IV with
RC4. Encrypting IV aims to hide it from eavesdropping.
This proposal has many weaknesses represented below:
1) Because IV [i+1] depends on IV [i], if some frames
are lost, all frames coming from the same sender would
not be decryptable.
2) It uses Diffe-Hellman [10] to agree IV; this is dif-
ficult because there is no clear share value.
3) Rekey is done using special messages. No protec-
tion mechanism for the messages contains the new key.
4) No new authentication mechanism described which
means the authentication process is still weak.
5) It suffers from following attacks:
Disassociation and Deauthentication Attacks.
Shared Key Authentication Attacks.
FMS Attack.
Session Hijacking.
Reply Attack.
Reference [11] proposes new scheme which modifies
the process of WEP Key generation on TKIP. Comparing
with TKIP, the proposed protocol neither changes nor
increases hardware cost. Moreover, it narrows down
hardware computing quantities. Further, SEWTP reduces
authentication frequency. It also provides security func-
tion as well as TKIP and does not affect the performance
of throughput. But it has limitations represented as:
1) Over flooding, any client will send random number.
New secret key has been generated before authentication
process that leads to AP overload, because every client
joining the AP domain will take a time to generate his
secret key.
2) The clear IV still there.
3) Every 2^24 packet there will be random number
from client to AP, this will lead to:
Over load traffic.
Overload in process time.
4) It suffers from the following attacks:
Disassociation and Deauthentication Attacks.
Shared Key Authentication Attacks.
FMS Attack.
Session Hijacking.
SYCH attack.
2.1. Proposed Solution: WEP and WPA
Improvement
We will propose a novel schema which essentially con-
sists of three mechanisms:
1) Mutual Authentication between AP and Station.
2) Session Key Exchange mechanism.
3) Strong Encryption Protocol using modified RC4,
and IV shadow.
M. ElGili ET AL.
240
2.1.1. Mutual Authentication Process and
Session Key Exchange
This is a solution for weak authentication in Wireless
LAN which uses pre-shared key authentication, and also
can be used in enterprise solution without any third party.
The mutual authentication mechanism and Session Key
Exchange mechanism consisting in the following steps:
1) The first step stores the challenge value in the Sta-
tion like secret key similar to Access point.
2) The second step: When the Station sends associate
request to the Access point, the Access Point sends en-
crypted challenge with the secret key to Station.
3) The Station receives the Encrypted challenge and
decrypts it using the secret key and Access point IV, and
compares it with the challenge it has. If they are equal
that means this Access point is trusted.
4) If this Access Point is trusted Calculate K', IV’ us-
ing Equations 1, 2 respectively, and uses them with K
(secret key), to encrypt the challenge again and sends it
to the access point.
5) Update the Station challenge by adding IV’ to old
challenge.
6) The Access Point receives the Encrypted challenge
and calculates the K', IV’ and uses them with K (secret
key), to decrypt challenge if it is equal to the challenge
sent. This means the Station is trusted.
7) Update Access Point challenge by adding IV’ to old
challenge.
2.1.2. Session Key Exchange Mechanism
During Authentication process, we can calculate the ses-
sion key, by using the equation below:

0
kk
cli acc+3
I
VIV Ki
  (1)
The result of using Equation(1) to calculate K’ shown
in Figures 1, 2 and 3, they explain that there is no linear
relation between old IV[i] and K’[i].
2.1.3. Strong Encryption Using Modified RC4
We modified RC4 to be suitable for use with our ap-
proach, by using K’ instead of feedback j as it is shown
in algorithm below. To prevent first byte attack [9], and
inverse attack:
Figure 1. Shows the relation between k’[0] and old IV[0].
Figure 2. Shows the relation between k’[1] and old IV[1].
Figure 3. Shows the relation between k’[2] and old IV[2].
RC4 Modified key scheduling algorithm:
1) {initialization}
2) for i from 0 to n 1 do
3) S[i]: = i
4) end for
5) j: = 0
6) {generate a random permutation}
7) for i from 0 to n 1 do
8) j: = (K’[I mod e]+S[i]+ K[I mod l])mod n
9) swap S[i] and S[j]
10) end for
As a result of simulation test there is no linear relation
between KSA[i] and old IV[i] as shown in Figures 4, 5
and 6. Which means the first byte attack cannot succeed.
Figure 4. shows the relation between old IV[0] and KSA[0].
Copyright © 2010 SciRes. WSN
M. ElGili ET AL.241
Figure 5. Shows the relation between old IV[1] and KSA[1].
Figure 6. Shows the relation between old IV[2] and KSA[2].
1) An encryptor and Decryptor that share a RC4 secret
key (K) agree session key or day key depending on the
security level that they need. Using Equation (1).
Where is '
K
represent session key or day key.
2) The secret key K uses to confuse IV to generate
'
I
V which will combine with K to generate RC4 key
seed as follows:
For i=o; IV length;
{} (2)
[ mod11]
'((*) mod 256
ki i
IVIV kIV
From the results of Equation (2) there is no linear rela-
tion between new IV[i] and old IV[i] as shown in Fig-
ures 7, 8 and 9. This means that we can send the old IV
as plaintext. The attacker can not use it to decrypt the
ciphertext.
Figure 7. shows the relation between oIV[0] and nIV[0].
Figure 8. Shows the relation between oIV[1] and nIV[1].
Figure 9. Shows the relation between oIV[2] and nIV[2].
3) Combine the secret K and IV', with K’ they will be
the seed for RC4 algorithm.
4) Send cipher text and IV.
2.2. Comparison the IV Value Rollover
For a device sending 10000 packets per-second
1) 24-bits, an IV will be reused after 16777216 pack-
ets, after 27.9 min. [WEP static secret Key]
2) 48-bit, an IV will be reused after 281474976710656
packets, after 892.6 years. [WPA static secret Key]
3) 24-bits, an IV will be reused after 16777216*39
*13*16 =136096776192 packets, after 5.2 month [Dy-
namic Session Key].
2.3. Comparison the Bandwidth Overhead
For a device sending 10000 packets per-second:
1) WEP overhead 44byte per-packet, means every sec-
ond 4.4 Kbytes.
2) WPA overhead 56byte per-packet, means every
second 5.6kbyte.
3) Our approach overhead 44byte per-packet means,
4.4 Kbytes.
3. References
[1] “WEP fix using RC4 fast packet keying,” February 2002,
http://www.rsasecurity.com/rsalabs/technotes/wep-fix.ht
ml
Copyright © 2010 SciRes. WSN
M. ElGili ET AL.
Copyright © 2010 SciRes. WSN
242
[2] S. Jariwala, “Enhancing wireless security with WPA,”
April 2004.
[3] A. Jain and S. Karan, “Wireless LAN security”.
[4] M. S. Ahmad and V. Ramachandran, “Cafe latte with a
free topping of cracked WEP—retrieving WEP keys from
road warriors”.
[5] M. O. Pervaiz, M. Cardei, and J. Wu, “Security in wire-
less local area networks,” Department of Computer Sci-
ence & Engine.
[6] D. Kalina, “WAP, WPA, and EAP,” March 2005,
http://islab.oregonstate.edu/koc/ece478/05Report/Kalina.d
oc
[7] T. Takahashi, “WPA passive dictionary attack overview,”
http://www.personalwireless.org/tools/WPA-Cracker/WP
A_Passive Dictionary_Attack_Overview.pdf
[8] V. Moen, H. Raddum, and K. J. Hole, “Weaknesses in the
Temporal Key Hash of WPA,” http://bora.uib.no/bit-
stream/1956/1901/21/Paper4 Moen.pdf
[9] H. R. Hassan and Y. Challal, “Enhanced WEP: An effi-
cient solution to WEP threats”.
[10] W. Stallings, “Cryptography and network security,” 3rd
edition, 1999.
[11] J.-C. Lin, Y.-H. Kao, and C.-W. Yang “Secure enhanced
wireless transfer protocol,” First International Conference
on Availability, Reliability and Security, 2006.
[12] A. Klein, “Attacks on the RC4 stream cipher,” 27 Febru-
ary 2007.