WiFi Manager raises this alarm when weak IV (Initialization Vector) is used.

What is WEP and what is IV?

WEP stands for Wired Equivalent Privacy, it is a encryption algorithm to encrypt data over radio waves and was designed to secure data when they are transmitted in a wireless LAN (802.11 networks). WEP is defined as part of the 802.11 standard.

To protect data WEP uses the RC4 cipher which uses a steam of bits, called the key stream and combine this with the message to produce the cipher text. RC4 uses the exclusive OR (XOR) operation to combine the key stream and the ciphertext. To recover the original message, the receiver processes the chipertext with an identical keystream.

This RC4 key which is typically 64 bit consists of two parts - 40 bit secret key and a 24 bit Initialization Vector (IV). This IV is a continuously changing number and are used to prevent a sequence of text that is identical to a previous sequence from producing the same exact ciphertext when encrypted. Thus these IVs increases the randomness in the encryption stream and as such each packet gets additional protection against attacks.

Problem of weak IVs

The IV space was too small and this forced reusing of the IVs. A flaw in the encryption algorithm enabled certain IVs to reveal more information about the WEP key. These IVs are known as weak IVs. There were about 9000 weak IVs out of 16000000 possible ones. WEP key can be cracked using a few thousands of these weak IVs and on a busy network this might be a few minutes.

More details on this can be obtained from Weaknesses in the Key Scheduling Algorithm of RC4 by Scott Fluhrer, Itsik Mantin, and Adi Shamir.

Tools exploiting this weakness in WEP to identify the WEP keys

*  AirSnort
*  WEPCrack.

WEP Disabled

Adhoc Network