Dispelling the Myth of Wireless Security
Subject:   About WEP keys
Date:   2003-08-15 15:11:13
From:   rflicken
Response to: Wireless Security

The various key lengths quoted by manufacturers can certainly be confusing.

The original 802.11b specification defined a 40-bit user-specified key. This key is combined with a 24-bit Initialization Vector (the IV), a random number that is part of the WEP algorithm. Together, this yields 64 bits of "key", although the IV is actually sent in the clear!

Likewise, 104-bit WEP is used with the IV to yield 128 bits of "key". This is why user-defined ASCII keys are five characters long (5 characters times 8 bits/character == 40 bits) or thirteen characters long (13 characters times 8 bits/character == 104 bits). The user doesn't define the IV. Even when specifying long hex keys, these are simply hashed into a 40 bit or 104 bit sequence, and combined with the IV.

Using the real-time analysis mode of AirSnort (as I did in this experiment), it doesn't try to brute-force the key space, but instead collects weak IVs that the AP transmits. Since the IVs are sent in the clear, collecting them is just a matter of observing enough traffic. The key length (40 or 104) does make some difference, but not the exponential increase in work that you might expect. From AirSnort's home page:

"AirSnort requires approximately 5-10 million encrypted packets to be gathered. Once enough packets have been gathered, AirSnort can guess the encryption password in under a second."

I chose to use the 40 bit (or 64 bit, if you like) WEP key for a couple of reasons. It is by far the most common WEP implementation in use, it's the only one defined by the 802.11b standard, and that's all the hardware I had on hand (at the time) would support. When I scrape together an AP and a couple of machines that will do 104 bit WEP, I'll certainly give it another run.

I highly recommend reading any of these papers for more detail about the weaknesses of WEP than I have room to talk about here.

Or buy my book. ;)
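The key arithmetic above (a 5- or 13-byte user key prepended with a 3-byte IV that travels unencrypted in every frame) can be checked directly. The following is an added example, not code from the post or from AirSnort; the frame layout it assumes is a 24-byte 802.11 data header followed by the 4-byte WEP header (3 IV bytes plus a key-id byte), and the sample capture is constructed inline.

```python
import math
from collections import Counter

IV_BITS = 24
IV_SPACE = 1 << IV_BITS        # only 16.7 million possible IVs per key
DOT11_HDR_LEN = 24             # assumed: basic 802.11 data-frame header

def wep_seed(key: bytes, iv: bytes) -> bytes:
    """Build the per-frame RC4 seed the way WEP does: IV first, then the
    user key. A 5-byte key gives a 64-bit seed, a 13-byte key a 128-bit
    seed, but only the key part is ever secret."""
    if len(key) not in (5, 13):
        raise ValueError("WEP key must be 5 (40-bit) or 13 (104-bit) bytes")
    if len(iv) != 3:
        raise ValueError("WEP IV must be 3 bytes")
    return iv + key

def extract_iv(frame: bytes) -> bytes:
    """Return the IV from a WEP-protected frame. The WEP header after the
    802.11 header is IV (3 bytes) + key-id byte, sent unencrypted, so any
    passive listener sees every IV without knowing the key."""
    if len(frame) < DOT11_HDR_LEN + 4:
        raise ValueError("frame too short to carry a WEP header")
    return frame[DOT11_HDR_LEN:DOT11_HDR_LEN + 3]

def iv_reuse(frames) -> dict:
    """Defender metric: IVs seen more than once. Any repeat means the same
    RC4 keystream was used twice under the same key."""
    counts = Counter(extract_iv(f) for f in frames)
    return {iv: n for iv, n in counts.items() if n > 1}

def frames_for_collision(p: float = 0.5) -> int:
    """Birthday bound: frames needed before some IV repeats with probability p."""
    return math.ceil(math.sqrt(-2 * IV_SPACE * math.log(1 - p)))

def make_frame(iv: bytes, payload: bytes) -> bytes:
    """Constructed sample frame: dummy 802.11 header, WEP header, body."""
    return b"\x08\x41" + b"\x00" * 22 + iv + b"\x00" + payload

# Constructed sample capture: four frames, one IV used twice.
SAMPLE_FRAMES = [
    make_frame(b"\x01\x02\x03", b"\xaa" * 8),
    make_frame(b"\x04\x05\x06", b"\xbb" * 8),
    make_frame(b"\x01\x02\x03", b"\xcc" * 8),
    make_frame(b"\x07\x08\x09", b"\xdd" * 8),
]

if __name__ == "__main__":
    seed = wep_seed(b"abcde", b"\x01\x02\x03")
    print("seed bits:", len(seed) * 8, "(24 of them public)")
    print("reused IVs:", iv_reuse(SAMPLE_FRAMES))
    print("frames to 50% IV collision:", frames_for_collision())
```

With a randomly chosen IV, a busy AP is expected to repeat one after only a few thousand frames, which is why the IV-based analysis needs packet volume rather than a key-length-dependent search.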