WEP performance impact

Discussion in 'Wireless Internet' started by Fredrik, Aug 31, 2003.

  1. Fredrik

    Fredrik Guest

    I wonder what the performance impact is when when switching on wep
    encryption on a 802.11b network?

    Regards
    Fredrik
     
    Fredrik, Aug 31, 2003
    #1
    1. Advertisements

  2. 64bit 10-20% drop in throughput
    128bit 20-30% drop. Unless you need to max out the bandwidth all the time,
    go for 128 bit, for net access you will not notice the drop.
     
    Paul Landregan, Aug 31, 2003
    #2
    1. Advertisements

  3. Fredrik

    johnny Guest

    I found that I had only a 2Mb transfer rate after turning on WEP. I've been
    told that using VPN instead of WEP will give better performance and
    security.

    Since I'm a nobody and don't really need transfer rates faster than my
    internet connection, I've decided just to use WEP for the time being.
     
    johnny, Aug 31, 2003
    #3
  4. Fredrik

    Tom McCune Guest

    I do no file sharing, so can't comment on LAN performance, but on my 2Mb
    RoadRunner connection, I download at the 2Mb limit regardless of whether I
    use 128 bit WEP - of course, I use it.
     
    Tom McCune, Aug 31, 2003
    #4
  5. Fredrik

    Selar Rao Guest

    WEP is insecure at any key length, due to the design of its Initialisation
    vector. Therefore "128 bit" WEP in reality offers no security advantage over
    "64 bit" WEP. In fact 128 bit and 64 bit are misnomers, the shared WEP keys
    are really 40 bits and 104 bits in length for "64" and "128" bit WEP. The
    remaining 24 bits are the randomly generated 24 bit IV appended to the WEP
    key.

    This means that after every 2^24 iterations the same IV will be used, since
    the WEP shared key is static, this means that the whole key is repeated
    unchanged, from thereon its trivial to crack. This is compounded by the fact
    that there is no means to co-ordinate the use of the IV among the various
    base stations, hence the frequency of the IV repeating increases
    proportionately with the number of base stations and the density of
    transmissions. Hence the only way to keep the shared key secret is to change
    it every 2^24 frames atleast, as this is impossible to implement, WEP is
    insecure at any key length.

    Note here, that the frequency of key change depends on the length of the IV
    (Initialisation Vector) which is static at 24 bits regardless of the shared
    key length. 2^24 frames may seem a lot, but a busy AP typically transmits
    this many frames in the space of an hour. An attacker typically has to
    collect a few hours worth of frames before the WEP key can be broken,
    regardless of the length of the shared key.

    In summation, if you want better WEP security, changing the key(s) often is
    more important than the WEP bit length.
     
    Selar Rao, Sep 1, 2003
    #5
  6. Fredrik

    Len West Guest

    Look to upgrade to WAP from WEP. Linksys has the updated drivers out.
     
    Len West, Sep 1, 2003
    #6
  7. On Mon, 1 Sep 2003 04:58:09 -0400, Len West spoketh
    You mean upgrade to WPA from WEP... WPA only works with Windows XP (free
    upgrade from MS). W2K users (and all other MS OS's) will have to
    purchase a WPA client from a 3rd party vendor.


    Lars M. Hansen
    http://www.hansenonline.net
    (replace 'badnews' with 'news' in e-mail address)
     
    Lars M. Hansen, Sep 1, 2003
    #7
  8. Fredrik

    Tom McCune Guest

    I appreciate the suggestion. Last time I went looking, I couldn't find the
    updates for my WAP11 v2.6 and WPC11 v3. My brief searching yesterday
    didn't find them either, but I'll go back looking again today.
     
    Tom McCune, Sep 1, 2003
    #8
  9. Fredrik

    Tom McCune Guest

    <snip>

    Doesn't this really depend on the volume of wireless use? My understanding
    is that since my one computer use of WEP is of relatively low volume, that
    changing keys weekly, prevents the attack on the IV. The 40 bit keys can
    be brute forced within a few hours on a modern computer - since 104 bit
    keys cannot currently be brute forced, I believe my use of "128 bit" WEP is
    actually much more secure than using "64 bit WEP." Obviously, this is not
    the case for a heavy duty industrial user.
     
    Tom McCune, Sep 1, 2003
    #9
  10. Fredrik

    John Eckart Guest

    There is no performance difference between 64bit and 128bit WEP, so there is no reason to use 64bit.
     
    John Eckart, Sep 1, 2003
    #10
  11. there is here on my Vigour router and previously when I was in adhoc mode
    128bit was greatly slower throughput than 64bit.

    There is no performance difference between 64bit and 128bit WEP, so there is
    no reason to use 64bit.
     
    Paul Landregan, Sep 1, 2003
    #11
  12. Fredrik

    Tornado Guest

    From what I understand, most vendors are currently sinking $$$ into WPA
    upgrades for their 802.11g gear (both on the AP/router products and
    client PC cards). WPA upgrades for 802.11b hardware, especially older
    versions, will have to wait, if they ever come at all.

    I did similar research and have determined the best option for now is to
    get a 802.11g router and the free XP WPA upgrade for my built-in "g" card.
     
    Tornado, Sep 1, 2003
    #12
  13. Fredrik

    Tom McCune Guest

    I was pleasantly surprised to find a WPA upgrade for my WPC11, but was
    disappointed to find nothing for my WAP11. I guess I'll wait a little
    while to see about the WAP11 before I go further.
     
    Tom McCune, Sep 1, 2003
    #13
  14. Fredrik

    johnny Guest

    Do you mean WPA?
     
    johnny, Sep 1, 2003
    #14
  15. Fredrik

    dold Guest

    I bought my Orinoco Silver when it was $20+ cheaper than the Gold, so I
    can't do 128bit WEP. I don't use 64 bit, because most of my connections
    are to public hotspots. We do have a 128 bit WEP at work, but I can't
    participate in that one. I have an SMC card that does 128bit, but I
    use the Orinoco in part for its slightly better sensitivity, but mostly
    because it runs NetStumbler and the SMC doesn't.

    I don't expect WPA to ever be available for my cards.
    I'll probably buy a new card when WPA is readily available.
     
    dold, Sep 1, 2003
    #15
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.