WEP is supposed to protect data sent over a wireless link. As discussed in the text, WEP has many security flaws, one of which involves its use of initialization vectors, or IVs. WEP IVs are 24 bits long. WEP uses a fixed long-term key K. For each packet, WEP sends an IV in the clear along with the encrypted packet, where the packet is encrypted with a stream cipher using the key Kjy = (IV, K), that is, the IV is pre-pended to the long-term key K. Suppose that a particular WEP connection sends packets containing 1500 bytes over an 11 Mbps link.
a. If the IVs are chosen at random, what is the expected amount of time until the first IV repeats? What is the expected amount of time until some IV repeats?
b. If the IVs are not selected at random but are instead selected in sequence, say, IV j = i, for i = 0,1,2,... ,22 4 — 1, what is the expected amount of time until the first IV repeats? What is the expected amount of time until some IV is repeated?
c. Why is a repeated IV a security concern?
d. Why is WEP "unsafe at any key length" [321]? That is, why is WEP no more secure if K is 256 bits than if K is 40 bits? Hint: See [112] for more information.