SECURITY FLAWS IN 802.11 DATA LINK PROTOCOLS.

This article investigates the security problems in the 802.11-based data link protocol, Wireless Equivalent Privacy (WEP). It is evident that anyone with a radio receiver can eavesdrop on a wireless local area network (WLAN), and therefore widely acknowledged that a WLAN needs a mechanism to counter this threat. The IEEE 802.11 standard defines a data confidentiality mechanism known as WEP. The security goal of WEP is data confidentiality equivalent to that of a wired LAN. WEP falls short of this objective, which is an intuitively appealing but vague security goal. As a consequence, WEP was insufficiently thought through, and numerous flaws quickly appeared. The discovery of shortcomings led to a process to replace WEP by more robust security protocols. The study of WEP flaws illustrates the difficulties in security protocol design. An understanding of these flaws helps clarify the choices made by the designers of the new protocols. WEP has several serious inherent problems. It does not meet its fundamental goals of wired-equivalent confidentiality.