Which wireless standard is insecure?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Study for the WGU ITAS 2142 D830 Introduction to Cryptography Exam. Review flashcards and multiple choice questions with hints and explanations. Get ready for your exam!

Multiple Choice

Which wireless standard is insecure?

Explanation:
WEP is insecure because its encryption design is fundamentally flawed. It uses the RC4 stream cipher with a 24-bit initialization vector (IV) that is sent in the clear along with every packet. Because the IV space is only 24 bits, busy networks quickly exhaust it and end up reusing the same keystream for different packets. When the same keystream is used more than once, an attacker can XOR the corresponding ciphertexts to cancel the keystream and reveal information about the plaintext, making it feasible to recover the shared key with widely available tools. In addition, WEP uses a simple CRC-32 for integrity, which is not a cryptographic safeguard. This means an attacker can modify a transmitted packet and adjust the CRC to match, undermining data integrity. The key itself is static, offering little protection against long-term attacks. By contrast, WPA and WPA2 introduce per-packet keys and stronger integrity protections (TKIP or AES-CCMP), and modern standards like 802.11ac rely on these stronger protections by default. That’s why WEP is considered insecure and not suitable for protecting wireless networks today.

WEP is insecure because its encryption design is fundamentally flawed. It uses the RC4 stream cipher with a 24-bit initialization vector (IV) that is sent in the clear along with every packet. Because the IV space is only 24 bits, busy networks quickly exhaust it and end up reusing the same keystream for different packets. When the same keystream is used more than once, an attacker can XOR the corresponding ciphertexts to cancel the keystream and reveal information about the plaintext, making it feasible to recover the shared key with widely available tools.

In addition, WEP uses a simple CRC-32 for integrity, which is not a cryptographic safeguard. This means an attacker can modify a transmitted packet and adjust the CRC to match, undermining data integrity. The key itself is static, offering little protection against long-term attacks.

By contrast, WPA and WPA2 introduce per-packet keys and stronger integrity protections (TKIP or AES-CCMP), and modern standards like 802.11ac rely on these stronger protections by default. That’s why WEP is considered insecure and not suitable for protecting wireless networks today.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy