Hi,
A really simple answer would be as follows:
- Open system and Pre-shared (or shared) key are the two types of authetication mechanisms used with WEP.
- In Open system authetication, the client does not need the WEP key to authenticate and associate with the AP. The WEP key is required only when when the client start using the AP to exchange data (using the network/ Internet).
- In Pre-shared key (PSK) authentication, the WEP client needs to provide the WEP key to the AP while authenticaing with it. It uses a simple "4 way challenge-response handshake" for this purpose (I hope hope you know what that is). After the authentication and association, WEP can be used for encrypting the data frames.
In case you are wondering which one is more secure, the following might be useful:
- While simply looking at the definitions, it may seem like the PSK authetication is more secure, in reality it is the other way round.
- In PSK, while using a simple challenge- response handshake, the AP sends the challenge in clear-text. This allows any attacker to capture that challenge and corresponding response from the client, and attack the same. (Basically it's easier to distinguish the challenge frame)
- In Open authentication, the key is required after the authetication and association, and only when the client tries to exchange data using the AP. This reduces (although only slightly) the likelihood of the key compromise.
Hope this helps.
Additional information can be provided through links to other articles.
Warm regards,
Sarang
