Consider the following pseudo-WEP protocol. The key is 4 bits and the IV is 2bits. The IV is appended to the end of the key when generating the keystream. Suppose that the shared secret key is 1010. The keystreams for the four possible inputs are as follows:
101000: 0010101101010101001011010100100 . . .
101001: 1010011011001010110100100101101 . . .
101010: 0001101000111100010100101001111 . . .
101011: 1111101010000000101010100010111 . . .
Suppose all messages are 8-bits long. Suppose the ICV (integrity check) is 4- its long, and is calculated by XOR-ing the first 4 bits of data with the last 4 bits of data. Suppose the pseudo-WEP packet consists of three fields: first the IV field, then the message field, and last the ICV field, with some of these fields encrypted.
a. We want to send the message m = 10100000 using the IV = 11 and using WEP. What will be the values in the three WEP fields?
b. Show that when the receiver decrypts the WEP packet, it recovers the message and the ICV.
c. Suppose Trudy intercepts a WEP packet (not necessarily with the IV = 11) and wants to modify it before forwarding it to the receiver. Suppose Trudy flips the first ICV bit. Assuming that Trudy does not know the keystreams for any of the IVs, what other bit(s) must Trudy also flip so that the received packet passes the ICV check?
d. Justify your answer by modifying the bits in the WEP packet in part (a), decrypting the resulting packet, and verifying the integrity check.
a)
Consider the following pseudo-WEP protocol: We want to send the message m = 10100000 using the IV = 11 and using WEP.
Suppose that the shared secret key is, k= 1010
ICV = first 4bits of data XOR last 4bits of data
= 1010 XOR 0000
= 1010
So, the values in the three WEP fields are as follows:
IV: 11
Encrypted message:10100000 XOR 11111010 = 01011010
ICV: 1010
b)
The receiver XORs the encrypted message with key stream to recover the original message as follows:
m= 01011010 XOR 11111010 = 10100000
Received ICV: 1010 ->(1)
The receiver calculates ICV, by XORs the first 4 bits of recovered message with last 4 bits of recovered message as follows:
1010 XOR 0000=1010->(2)
Both (1) and (2) values are same. So, when the receiver decrypts the WEP packet, it recovers the message and the ICV.
c)
Assume Trudy intercepts a WEP packet (not necessarily with the IV = 11) and wants to modify it before forwarding it to the receiver. Suppose that Trudy does not know the keystreams for any of the IVs, what other bit(s) must Trudy also flip so that the received packet passes the ICV check as ICV is the result of first 4 bits of message XOR 4 bits of message.
d)
As per part(a) answer, the received ICV and calculated ICV are same, the received WEP packet passes the integrity check.