Which legacy wireless protection mechanism is considered inherently flawed by standards bodies?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Study for the WGU ITAS 2142 D830 Introduction to Cryptography Exam. Review flashcards and multiple choice questions with hints and explanations. Get ready for your exam!

Multiple Choice

Which legacy wireless protection mechanism is considered inherently flawed by standards bodies?

Explanation:
WEP is inherently flawed because its design combines a stream cipher (RC4) with a very small initialization vector (IV) of 24 bits. In real networks, many packets are sent, so IVs quickly repeat, causing the same keystream to be used more than once. When an attacker can observe enough encrypted packets, these IV repetitions let them perform practical attacks to recover the secret key and decrypt traffic, breaking confidentiality. Beyond this, WEP’s integrity protection is weak. It uses a CRC-32 as a message integrity check, which is not cryptographically secure and provides no proper authentication. That means a attacker can tamper with data or craft new frames and not be reliably detected, undermining data integrity and authenticity. Because of these fundamental weaknesses, standards bodies have deemed WEP unreliable and deprecated it in favor of more secure protections like TKIP and, later, AES-based WPA2 and WPA3.

WEP is inherently flawed because its design combines a stream cipher (RC4) with a very small initialization vector (IV) of 24 bits. In real networks, many packets are sent, so IVs quickly repeat, causing the same keystream to be used more than once. When an attacker can observe enough encrypted packets, these IV repetitions let them perform practical attacks to recover the secret key and decrypt traffic, breaking confidentiality.

Beyond this, WEP’s integrity protection is weak. It uses a CRC-32 as a message integrity check, which is not cryptographically secure and provides no proper authentication. That means a attacker can tamper with data or craft new frames and not be reliably detected, undermining data integrity and authenticity.

Because of these fundamental weaknesses, standards bodies have deemed WEP unreliable and deprecated it in favor of more secure protections like TKIP and, later, AES-based WPA2 and WPA3.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy