The ability of users to access programs and share data over local area networks (referred to as “LANs”) has become a necessity for most working environments. To improve efficiency and ease of use, certain enhancements may be added to a LAN such as remote wireless access. By providing remote wireless access, a wireless LAN (WLAN) is formed.
As described in U.S. Pat. No. 5,987,062 issued to Netwave Technologies, Inc., now owned by Nortel Networks Limited, one type of WLAN employs dedicated stations, which are referred to as access points (APs). Therein, each AP is a relay station that includes a radio frequency (RF) transceiver that receives radio data packets over a communication channel from mobile units. Of course, each AP also transmits radio data packets over the communication channel to the mobile units.
To discourage an interloper from eavesdropping on communications between an AP and a mobile unit, a data confidentiality algorithm may be utilized within a WLAN. In accordance with Institute of Electrical and Electronics Engineers (IEEE) 802.11, this data confidentiality algorithm is referred to as “wired equivalent privacy” (WEP). In general, WEP is a symmetric key algorithm that is configured to encrypt information with a combination of a secret key and an initialization vector (described below) prior to transmission over a wireless link. This prevents an interloper from obtaining an unauthorized, non-encrypted copy of data communicated between an AP and its mobile units.
FIG. 1 is a block diagram of a WEP shared key authentication sequence. In general, a mobile unit 10 issues an authentication request 100 to an access point (AP) 20. In response, the AP 20 returns a challenge text 110. Herein, the “challenge text” 110 is a sequence of alphanumeric characters approximately 128 bytes in size and generated by the AP 20. Upon receipt, the challenge text 110 is encrypted using a secret key 120, which was previously negotiated by the mobile unit 10 and the AP 20, concatenated with a series of bits of a predetermined number, referred to as an “initialization vector” (IV) 130. The IV 130 is then concatenated with the encrypted challenge text to produce a “challenge response” 140, which is sent to the AP 20.
Upon receiving the challenge response 140, if the AP 20 is able to recover the challenge text 110 using its own stored version of the secret key 120, the mobile unit 10 is authenticated. Otherwise, the mobile unit 10 is not authenticated and the AP 20 will not receive and process its transmitted data.
Although WEP provides greater security to communications between the AP and its mobile units, the content of these communications is still subject to attack. For example, an interloper can monitor authentication sequences between the mobile units and an AP. As shown, from the authentication sequence, an interloper can obtain an IV and a portion (approximately 128 bytes) of the keying material (based on the secret key and initialization vector) by performing an exclusive-or (XOR) operation on both the encrypted challenge text and the challenge text 110. By maintaining a record of the IVs and their portion of keying material, an interloper can decrypt an amount of encrypted information without knowledge of the secret key.
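The exposure described above can be reproduced with a short added example, which is not part of the original document and shows why reusing an IV with the same secret key defeats confidentiality. It assumes WEP's RC4 stream cipher seeded with the IV prepended to the secret key, omits the integrity check value, and uses constructed key, IV and payload values; all function names are hypothetical.

```python
import os

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Generate n bytes of RC4 keystream (the stream cipher WEP uses)."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                         # output generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncating to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(secret_key: bytes, iv: bytes, data: bytes) -> bytes:
    """Simplified WEP (assumption: ICV omitted): clear IV || data XOR RC4(IV || key)."""
    return iv + xor(data, rc4_keystream(iv + secret_key, len(data)))

def observe_handshake(challenge: bytes, response: bytes):
    """What a passive observer learns: the IV and len(challenge) keystream bytes."""
    iv, encrypted = response[:3], response[3:]
    return iv, xor(challenge, encrypted)

def demo():
    secret_key = bytes.fromhex("0102030405")   # constructed 40-bit secret key 120
    iv = bytes.fromhex("a1b2c3")               # constructed 24-bit IV 130
    challenge = os.urandom(128)                # challenge text 110 from the AP
    response = wep_encrypt(secret_key, iv, challenge)    # challenge response 140
    seen_iv, keystream = observe_handshake(challenge, response)
    # A later frame sent under the same IV decrypts without the secret key.
    frame = wep_encrypt(secret_key, iv, b"constructed payload under the same IV")
    recovered = xor(frame[3:], keystream)
    return seen_iv, keystream, recovered
```

The recovered keying material is valid only for the observed IV and only for as many bytes as the challenge text, which is why the record of IVs the passage mentions matters.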