In cryptography it is a bad practice to use the same encryption key to encrypt every single packets / data. If Eve the eavesdropper has a copy of the encryption key used between Alice and Bob, although she’s unauthorise to read things not sent to her, she will be able to read all packets/data communicated between Alice and Bob.
WEP IV (Initialisation Vector) Security Flaw
Based on this diagram:
A plain text that is going to be encrypted will be going through an Integrity Check Algorithm to produce a ICV which is sent with the packet to ensure the packet has not been altered with.
The Secret Key (Encryption Key) will go through a pseudorandom number generator to make a key sequence which has the same length as the plaintext. It then use a 24-bit IV as part of the secret key.
Lastly, the plaintext with ICV is encrypted by Bitwise XOR Process with the key sequence created in step 2 to create a ciphertext.
The vulnerability is at the IV — The 24-bit IV is equivalent to a total number of 2^24 useable IV. Although 16,777,216 seems a lot, IV is reused in a matter of 2–3 hours. Reusing IV is as good as reusing a password — You can calculate the encryption key through statistical attacks.
It is not a good idea to use WEP if better encryption standards are available.
With the limited number of IV, by listening to the Wi-Fi frequency channel and collecting enough packets, you can statistically calculate the encryption key through a suite of tools provided by the AirCrack suite.
Injection of packets might not work on all Wi-Fi cards as only certain chipset are supported.
Do not hack into other’s network or risk being prosecuted under the Computer Misuse Act.