Static WEP - Shared Key Mode

這裡記錄一下當使用者設定成Static WEP – Shared Key的時候，它的封包流程和內容長什麼樣子。

從上頭的流程圖可以得知：NONE Security和Open System只有2道認證；而Shared Key則是需要4道。

AP MAC Address: E8:C7:CF:AF:59:40
STA MAC Address: 80:86:F2:83:07:0C

Security: Static WEP
Authentication: Open System / Shared Key
Key Length: 64-bit / 128-bit
Key Type: ASCII / Hex
Key Index: 1
Key1 / 2 / 3 / 4: ABCDE / N / A / N / A / N / A

#619: The STA send Authentication (request) to AP.
#627: The AP feedback Authentication (response) with cleartext challenge (口令盤查) to STA.
#625: The STA send Authentication (request) with encrypted cleartext challenge (WEP加密過的口令盤查) to AP.
#629: The AP feedback Authentication (response) to STA.
#631: The STA send Association Request to AP.
#634: The AP feedback Association Response to STA.

這一次偷懶，並沒有抓AP和STA的Probe Request / Response封包，因為這本來就會有的；直接從Authentication開始抓。其中#627和#625的順序剛好對調，這是因為接收封包的軟體順序的問題，並不代表AP和STA的行為錯誤。

#619: The STA send Authentication (request) to AP.

Authentication Algorithm現在是設定成 Shared Key (1)。

#627: The AP feedback Authentication (response) with cleartext challenge (口令盤查) to STA.

AP回覆128 Bytes的Challenge Text。

#625: The STA send Authentication (request) with encrypted cleartext challenge (WEP加密過的口令盤查) to AP.

這一個封包已經先行經過WEP解密，所以才看的到封包內容。STA也回覆128 Bytes的Challenge Text，但是有經過WEP加密過。

#629: The AP feedback Authentication (response) to STA.

最後一個封包，AP回覆Status Code: Successful (0x0000)，表示認證成功。留意這四組封包：#619、#627、#625、#629，它們的Authentication SEQ依序為：0x0001、0x0002、0x0003、0x0004，也表示這一個完整的認證過程。再補充IEEE 802.11對Authentication Algorithm的規範：

Refer: CWSP-Legacy 802.11 Security

Related:

• Wired Equivalent Privacy
• Wireless WEP Encryption
• Static WEP - Open System Mode