But WEP is a perfect example. WEP is a protocol which uses RC4 for crypto.
RC4 was a really bad proprietary cipher to use, with well-known weaknesses even back then, and with key sizes providing no security margin at all. It is essentially a horrible cipher, and they could have barely chosen a worse one while even pretending they tried.
And yet, even with all such horrible decisions about RC4, the primary problem was still not in RC4. WEP didn’t even use RC4 correctly. RC4 only tries to be secure if you don’t reuse IVs, otherwise all bets are off. WEP completely ignored that. Mishandling IVs/nonces is not even anything obscure—it’s one of the basics.
WEP uses 24-bit IVs. The birthday paradox guarantees IV reuse.
Original WEP uses a 40-bit key. This is already borderline broken, so any extra weakness moves us into the "trivially broken in seconds" territory WEP occupies now.
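A quick way to check the birthday-paradox claim above, as an added example that is not from any commenter in this thread: it computes the expected number of frames before a 24-bit IV repeats, simulates a station drawing IVs at random, and shows why a repeat matters (two frames under the same keystream leak the XOR of their plaintexts). It assumes uniformly random IV selection; the keystream and plaintexts are constructed sample values, not RC4 output.

```python
import math
import random

IV_BITS = 24  # width of the WEP IV field


def expected_frames_to_collision(bits: int) -> float:
    """Birthday bound: expected number of uniformly random IVs drawn
    before the first repeat, approximately sqrt(pi/2 * 2**bits)."""
    return math.sqrt(math.pi / 2 * 2 ** bits)


def collision_probability(bits: int, n: int) -> float:
    """Approximate probability that at least one IV repeats among n
    random IVs drawn from a 2**bits space (1 - exp(-n(n-1)/2N))."""
    space = 2 ** bits
    return 1 - math.exp(-n * (n - 1) / (2 * space))


def frames_until_iv_repeat(bits: int = IV_BITS, seed: int = 1) -> int:
    """Simulate a station picking a random IV per frame (assumption:
    uniform selection) and return the frame index of the first repeat."""
    rng = random.Random(seed)
    seen = set()
    frame = 0
    while True:
        frame += 1
        iv = rng.getrandbits(bits)
        if iv in seen:
            return frame
        seen.add(iv)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def keystream_reuse_leak(p1: bytes, p2: bytes, keystream: bytes) -> bytes:
    """Two frames encrypted under the same (key, IV) share a keystream, so
    XORing the two ciphertexts cancels it and yields p1 XOR p2. This is
    why 'all bets are off' once an IV repeats."""
    c1 = xor_bytes(p1, keystream)
    c2 = xor_bytes(p2, keystream)
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    print(f"expected frames to first IV repeat: {expected_frames_to_collision(IV_BITS):.0f}")
    print(f"simulated frames to first IV repeat: {frames_until_iv_repeat()}")
```

With 24-bit IVs the expected first repeat lands around five thousand frames, a few minutes of traffic on a busy link, even though the IV space holds about 16.7 million values.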
What then-known weaknesses in RC4 do you have in mind?
I don’t get your meaning about key sizes, could you be more specific?
WEP does not re-use IVs.
RC4 weak key schedule.