Comparative Analysis of Wireless Security Protocols: WEP vs WPA

Data security in wireless network has posed as a threat that has stuck to the core of data communication from point A to point B. There have been a variety of security issues raised in wired and wireless networks and security specialists proposed a variety of solutions. The proposed security solutions in wired networks could not be successfully implemented in wireless networks to identify, authenticate and authorize users due to infrastructural and working principles of wireless networks. Data on wireless network are much exposed to threats because the network is been broadcasted unlike a wired network. Researchers have proposed WEP and WPA to provide security in wireless networks. This research is going to compare the WEP and WPA mechanism for better understanding of their working principles and security bugs.


Introduction
Wireless communication helps exchange information form one point to another or more points.Data security involves data availability, data confidentiality and data integrity.For example, data availability can be achieved by well management of the computing environment, and integrity via data backups, and verification methods.These methods help to ensure the readiness of data.Most wireless technology uses electromagnetic wireless communication [1] [2].WEP and WPA are the basic data and network security mechanisms provided to ensure security in wireless network environment.
This paper would try to highlight the different mechanisms of data protection or security in wireless network or environment.Section 2 of this paper would discuss data security in wireless networks and common attacks known to data in wireless environment.Section 3 describes different mechanisms of data security in wireless environment and wired environment, but more emphasis would be placed on wireless environment.Section 4 would describe deals on cryptography algorithms for data security.Section 5 concludes the research on data security in wireless network.

Wireless Encryption Protocol (WEP)
This security measure is for Wireless LAN and it is a part of the IEEE 802.11 security standard.In the WEP, the Cyclic Redundancy Code (CRC-32) is used for providing data security and integrity, while the RC4 stream cipher is used to provide confidentiality [2] [3].The WEP standard specification supports a 40-bit key length while the non-standard specification provides a 128 and 256-bit key length in data encryption.

Encryption Process of the WEP
The encryption process of the WEP for data communication consists of 5 steps as shown in Figure 1.
In the initialization process, a 24-bit vector is linked together in a series form with a 40-bit WEP key.
The result form the linked key acts as a seed value for pseudo random number generator [3]- [5].
An integrity algorithm is carried out on the plain text so an Integrity Check Value (ICV) can be generated which is then linked with the plain text.
To generate the cipher text, RC4 algorithm is applied on the plain text in addition with the ICV and the key sequence.
The wireless Media Access Control (MAC) payload frame is generated by putting the initialization vector (IV) in front of the encrypted data combining ICV along with other fields.

Decryption Process of the WEP
In the WEP decryption process, the following takes place as shown in Figure 2.
The initialization vector from the 802.11 standard frame is linked with the WEP key, acting as a seed value for Pseudo Random Number Generator.
In getting the plain text, the CR4 algorithm is applied to the cipher text and the key sequence.
The plain text and the original ICV are gotten in this stage.To generate the new ICV the plaint text is added to the Integrity algorithm to get the new ICV.
The New ICV generated in the previous stage is compared with the original ICV to check for data integrity.

Security Vulnerabilities in WEP
In computer, data or network security a proposed solution does not always cover or profile solution to all the areas that have weakness in the corresponding field.The WEP protocol has some security weakness such as: 1) Weak Cryptography: Captured network traffic analyzed showed that shared key that is been used by the WEP can be easily decoded analyzing the captured data.This can lead to data manipulation and loss of data integrity [6] [7].
2) Absence of Key Management: The WEP does not have the key management feature to manage different keys in its key table, rather same key is used for a very long period of time and this shows poor quality [8]- [10].Small Key Size: The key size of the WEP standard is only 40-bit key.This makes the WEP open to attack especially the brute force attack, because the encryption key is only 40-bit.The brute force attack as form of an offline dictionary mechanism that probes the network with frequently used encryption words and check out the data gotten from the captured traffic to get the secret passphrase.
3) Reuse Initialization Vector: From the explanation in Figure 1 and Figure 2, the same initialization vector was used.This can lead to data decryption without the use of the appropriate key, because the IV can be gotten easily and other crypto-app can be used to decrypt the data.
4) Authentication Issues: Due to the challenge-response scheme that is used in shared key authentication, a man-in-the-middle attack can be carried out in the WEP.This kind of attack that possess as the corresponding destination or source of a data in a network in other to gain access to confidential information that is in transit.This leads to sensitive information to be compromised and if possible it can also lead to data loss.5) Packet Forgery: There's no protection against packet forgery in WEP.Data packets can be forged using third-party application and injected into the network, this can lead to data manipulation and loss of data integrity.
6) Flooding: This is sending of huge data packets that's lots or messages to an access point and thereby preventing the legitimate users from gaining access to the network, and also limiting the access point from processing data in the traffic [11] [12].

Common Attacks on WEP
The attacks that are common to the WEP protocol are: Korek Chopchop Attack: In this form of attack, the attacker can decrypt the last s bytes of the plaintext of an encrypted packet by transmitting s* 128 number of packets on the network [13] [14].This attack does not show the root key as shown in figure.From Figure 3, the attacker chops away the last byte from the captured data packet and guesses the last byte of the captured packet and modifies it and sends it to the access point.If the modified last byte that was guessed by the attacker is correct, the access point would accept the data packet.The attacker moves on to guessing the second last byte and moves on till the whole data is guess.But if the last byte guessed of the captured packet is wrong the access point discards the packet.
Bittau's Fragmentation Attack: This attack method gives an attacker the edge in finding keystream of length s, after the keystream have been found; the attacker sends the packet with the corresponding payload length s-4, removing four bytes from the ICV.If the packets are long it can be split up to 16 fragments distributing the packet payload s-4 according.After the packet is received and reassembled by the access point, the data packet it re-encrypted with a new key stream.The attacker already knows the plain text so he can also get the new key stream [13]- [15].
Other forms of WEP attack are Fluhrer, Mantin and Shamir (FMS) Attack and Pyshkin, Tews and Weimann (PTW) Attack.Figure 4 shows the WEP protocol shows its safety improvements.

Wireless WPA (W)
The WPA protocol was introduced in 2003 by the Wi-Fi alliance to try and eliminate or overcome the laps that's in WEP [16]- [18].The main reason for the WPA is to address the cryptography issues in WEP.The WPA provided some good security feature such as WPA Encryption Process, WPA Authentication Mechanisms which includes; WPA-Personal or WPA-PSK, WPA-Enterprise.The WPA Encryption Process is explained in Figure 5 below.Figure 5 explains the WPA encryption process, where a Temporal Key Integrity Protocol (TKIP) is used by WPA for data encryption [12]- [14] [18].This eliminated the use of the same key in encryption, a different key is generated randomly for every data packet, and a 128-bit key is used to encrypt the data packet.The Michael algorithm is combined with the TKIP providing replay protection, and uses the Message Integrity Code (MIC) for high level data integrity.This is more secured compare to the one in the WEP that uses a 32-bit.
WPA Authentication Mechanisms: The mechanisms provided by the WPA are WPA-Personal or WPA-Pre-Shared Key (WPA-PSK).WPA Pre-Shared key is static and it is used in initiating communication between two users.The static key is a Pairwise Master Key (PMK) in TKIP must be ready before an association can be set [19] [20].In the WPA-PSK, an authentication server is not required because it is most suitable for small office  or home networks.A 256-bit key is used for authentication of devices and a 64-bit MIC key and a 128-bit key is created from the pre-shared key for data encryption.
The WPA-Enterprise: This is basically designed for enterprise networks, where the EAP provides a stronger authentication method.The Remote Authentication Dial in User Service (RADIUS) is essential for providing excellent security for wireless network [21]- [24].The EPA have various methods which include: EAP-Lightweight Extensible Authentication Protocol (EAP-LEAP), EAP-Flexible Authentication via Secure Tunneled (EAP-FAST), EAP-Message Digest 5 (EAP-MD5), EAP-Transport Layer Security (EAP-TLS), EAP-Tunneled Transport Layer Security (EAP-TTLS), EAP-Subscriber Identity Module of Global System for Mobile Communications (EAP-SIM).Figure 6 shows an EAP Infrastructure.The EAP infrastructure has three components that are vital to its authentication process: 1) EAP-Peer: this is the access client, which is attempting to gain access the network.
2) EAP-Authenticator: the access point that needs authentication before permitting network access.

Security Vulnerabilities of WPA
In WPA there are a variety of security vulnerabilities available which are: The WPA uses a RC4 cryptography algorithm instead of an Advanced Encryption Standard (AES) that is more secured and encrypt better.
Brute force attack can also be carried out on the WPA.
The WPA is also open to Do S attacks.The setup or configuration process is complicated.
In the WPA, several attacks are common to it such as the Beck-Tews Attack, Ohigashi-Morii Attack, Micheal Reset Attack, and WPA-PSK Attack.

Wireless (WPA2)
The WPA2 protocol is an improvement over the WPA.The 802.11i is completely implemented in the WPA2.The main change that was done in the WPA2 over the WPA relates to the data encryption algorithm.The Counter Mode with Cipher block Chaining Message Authentication Code Protocol (CCMP) uses a block cipher which is the Advance Encryption Standard (AES) for data encryption [28]- [31].Table 1 shows the comparison between WEP, WPA and WPA2 protocols in terms of security.
Variety of researches conducted in the literature to enhance security in wireless networks.However due to nature vulnerable structure of wireless networks and diversification of attacks, different classifications and even different schemes could not be successful to achieve security goals in wireless networks [32]- [36].

Conclusions
Data security is a vast field of study, because data get compromised, altered, and stolen always.Lots of research has not been thoroughly conducted in this aspect of security.This paper highlighted the data security process and method of the WEP, WPA, and WPA2.We found out that the WPA2 is more secured in data transmission compared to the preceding protocols, although they all have their shortcomings.Later in the paper we discussed various data encryption method for securing data before it's been transferred.Some of the data encryption methods that were discussed are the Symmetric and Asymmetric encryption methods, types of data cipher  for data encryption such as the block and the stream data cipher; where the stream cipher seems more faster in process while block chiper has been slower but more secured.The Hash Algorithm was also discussed which used both public and private keys as well as digital signatures in data encryption progress.The different methods or techniques of encryption or cryptography hold a very strong principle of data security but if the secret key is known most times the cryptosystem gets compromised.Hence, the keeping of the secret key is vital to prevent data compromise and also the network security should be considered too, because if an attacker can gain access into the network, data packets can be captured and analyzed further using third party software to decrypt the data or corrupt the data so both the sender and the receiver don't have the message.Other forms of data security that was not discussed in this paper are: Steganography where data is hidden and not seen compared to encryption, Data Masking, Data Erasure, Checksums, etc. Future research would be conducted on comparing the various data security mechanisms and their performance metrics.