WEP key generation from a passphrase?
Last Post: May 25, 2007:
-
First, don't use WEP - ever.
Second, if your boss forces you to use WEP, then here's your answer:
----
8.2.1.4.3 WEP seed construction
A WEP implementation shall construct a per-MPDU key, called a seed, by concatenating an encryption key
to an IV.
For WEP-40, bits 0?¡é?€?¡°39 of the WEP key correspond to bits 24?¡é?€?¡°63 of the seed, and bits 0?¡é?€?¡°23 of the IV correspond to bits 0?¡é?€?¡°23 of the seed, respectively. The bit numbering conventions in 7.1.1 apply to the seed. The seed shall be the input to ARC4, in order to encrypt or decrypt the WEP Data and ICV fields.
NOTE?¡é?€?¡±For WEP-104, bits 0?¡é?€?¡°103 of the WEP key correspond to bits 24?¡é?€?¡°127 of the seed, and bit 0?¡é?€?¡°23 of the IV correspond to bits 0?¡é?€?¡°23 of the seed, respectively.
The WEP implementation encapsulating an MPDU?¡é?€??s plaintext data should select a new IV for every MPDU
it WEP-protects. The IV selection algorithm is unspecified. The algorithm used to select the encryption key used to construct the seed is also unspecified.
The WEP implementation decapsulating an MPDU shall use the IV from the received MPDU?¡é?€??s Init Vector
subfield. See 8.2.1.4.5 for the specification of how the decapsulator selects the key to use to construct the per-MPDU key.
----
So, the answer is that it's not specified and therefore likely incompatible across vendors. Hence the need for the Wi-Fi Alliance's Wi-Fi interoperability testing.
Devinator
- 1