Sara, a security administrator, is noticing a slowdown in the wireless network response. Sara launches a
wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following type of
attacks is underway?
In this question, it’s likely that someone it trying to crack the wireless network security.
An initialization vector is a random number used in combination with a secret key as a means to encrypt data.
This number is sometimes referred to as a nonce, or “number occurring once,” as an encryption program uses
it only once per session.
An initialization vector is used to avoid repetition during the data encryption process, making it impossible for
hackers who use dictionary attack to decrypt the exchanged encrypted message by discovering a pattern. This
is known as an IV attack.
A particular binary sequence may be repeated more than once in a message, and the more it appears, the
more the encryption method is discoverable. For example, if a one-letter word exists in a message, it may be
either “a” or “I” but it can’t be “e” because the word “e” is non-sensical in English, while “a” has a meaning and
“I” has a meaning. Repeating the words and letters makes it possible for software to apply a dictionary and
discover the binary sequence corresponding to each letter.
Using an initialization vector changes the binary sequence corresponding to each letter, enabling the letter “a”
to be represented by a particular sequence in the first instance, and then represented by a completely different
binary sequence in the second instance.
WEP (Wireless Equivalent Privacy) is vulnerable to an IV attack. Because RC4 is a stream cipher, the same
traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any
repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also
opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after