Open WEP analyzed. 802.1X WEP, is it secure?
Posted on 2008-10-28
I have read the Open WEP vs WEP Shared and am a little confused about Open WEP as I have never had someone verify my interpretation of Open WEP. Some say use Open WEP and others say use Shared WEP. Here is what I am unsure of: With Open WEP no key is supplied, so anyone can attach to the AP and the network behind it. So, is the Wireless connection encrypted? If so, I assume the encryption process is based of some random key. Is the key Random for each wireless user?. Meaning, 2 or more users are using different random keys? If not, and the key is the same, then there seems to be little point to using it as I suppose someone can use a sniffer to see your traffic.... if the keys are the same. If they are not the same, then I am going to assume that Open WEP is very secure from a WIRELESS SNIFFING standpoint. Meaning, it is very difficult for 2 wireless users to see each others wireless traffic. I believe this to be true. Here is why, and completes the title of my question.
I am setting up 802.1X on a brand new Cisco 4404 Wireless controller that is using new 1131 APs in LWAPP mode of course. I am using certificates that will be pushed down via MS Group Policy to the clients. So far so good right. Here is the odd thing. In Autonomous mode the APs allow for 802.1X WPA. VERY secure! However the controller only allows the use of 802.1X WEP..... NO 802.1X WPA option. So, I know the authentication process is secure, but what about the WEP part. That leads me to believe that WEP is secure from an encryption standpoint so long as the keys are not known. Back to the above statements... the keys must be random and undetectivle via a sniffer. So, Shared WEP is not secure because the key can be easily seen via a wireless sniffer. Open WEP is secure but allows anyone access to the AP...and the network behind it. One is then reliant on the security of the wired network. Is this assumption above correct? So, with 802.1X, the authentication is very strong, and the WEP part must be very strong. Are my assumptions correct or am I way off. Hate to be so verbose, but I did not know how to shorten the issue and confusion down.