Wireless WEP-keys

Technically there are only 2 types of WEP-keys: 40-bits and 128 bits. The WEP-standard saids that the keys should be in HEX-format when communicating. This means that they kan be either 10 hex-digits (40 bits divided by 4 bits per hex digit) or 32 hex-digits (128 bits divided by 4). For example BEEFBABE01 or 1234567890ABCDEF1234567890ABCDEF.

This is how it works under the hood. Always. No exceptions.

If you enter an ACSII-key in windows it makes the following desicion:

1) Is the ASCII-key either EXACT 10 or 32 chars long?

2) Does the ASCII-key contain only digits 0 to 9 or charactes A to F?

If both of the circumstances above are true Windows assumes that what You entered is already an HEX-key and no conversion will be done. If not, Windows will convert the key to an HEX-string that is either EXACT 40 or 128 bits long (10 chars or 32 chars).

The problem is that different systems might convert the ascii-string to a HEX-string in different ways. What happens for example if the user enters the chars åäö? These has different ASCII-codes depending on which keymap that is used. Also, special characters like !”#¤ might be different encoded on different systems.

So my advice if you need to use WEP (I know there are cases when you have no choice) is to select an HEX-key that is either 10 or 32 chars long and always enter the key in HEX-format on all systems, both clients and access-points/controllers. This is the advice i always give when this question shows up.

Better safe than sorry, this will definately give you least amount of trouble. Good luck!

Tagged with: , ,
Posted in Uncategorized


[mc4wp_form id="2457"]
Website Security Test