Chapter 11: Wireless LAN – WLAN (LANCOM Reference Manual LCOS 3.50, page 217)
combination of two clear text packets. If one already knows the contents of
one of the two packets, then the clear text of the other is easily determined.
Thus WEP does not use the key entered by the user directly as the RC4 key,
but rather combines it with a so-called Initial Vector (IV) to derive the
actual RC4 key. This IV is automatically changed from packet to packet
by the sender, generally by simple incrementation, and is transmitted along
with the encrypted packet. The receiver uses the IV included in the packet in
order to reconstruct the RC4 key actually used for the packet.
WEP also calculates a CRC checksum for the unencrypted packet and appends
it to the packet before it is RC4-encrypted. The receiver can check this CRC
checksum after decryption and determine whether the decryption was
faulty—for example, due to an incorrect WEP key. In this way, WEP also
happens to offer a certain degree of access security, since an intruder without
knowledge of the WEP key can only generate "defective" packets, which will
automatically be filtered out by the WLAN card.
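To make the per-packet key construction and the ICV check concrete, here is an added Python example (it is not code from the LANCOM manual); the 104-bit key and packet contents are constructed, and the function names are my own:

```python
import zlib


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR the data with the keystream."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(wep_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Append the CRC-32 ICV to the clear text, then RC4-encrypt with the
    per-packet key IV || WEP key. The 3-byte (24-bit) IV travels in clear
    in front of the ciphertext so the receiver can rebuild the same key."""
    assert len(iv) == 3
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + rc4(iv + wep_key, plaintext + icv)


def wep_decrypt(wep_key: bytes, frame: bytes):
    """Rebuild the per-packet key from the transmitted IV, decrypt, and
    verify the ICV. Returns the clear text, or None when the ICV does not
    match (wrong key or corrupted packet), which is what a WLAN card drops."""
    iv, body = frame[:3], frame[3:]
    data = rc4(iv + wep_key, body)
    plaintext, icv = data[:-4], data[-4:]
    if zlib.crc32(plaintext).to_bytes(4, "little") != icv:
        return None
    return plaintext


# Constructed sample values: a 104-bit user key (WEP128) gives a 3 + 13 = 16
# byte, i.e. 128-bit, RC4 key once the IV is prepended.
KEY104 = bytes.fromhex("0123456789abcdef0123456789")
WRONG_KEY = bytes.fromhex("ffffffffffffffffffffffffff")

if __name__ == "__main__":
    frame = wep_encrypt(KEY104, bytes.fromhex("000001"), b"hello wlan")
    print(wep_decrypt(KEY104, frame))      # b'hello wlan'
    print(wep_decrypt(WRONG_KEY, frame))   # None: ICV check fails
```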
This additional IV explains some of the confusion one sees about the key
length in WEP—since larger key lengths sound more secure, the 24 bits of the
IV sound nice when added to the actual key length, although the user can of
course only configure the left-over portion. The IEEE standard originally
foresaw a relatively short key length of 40 bits, which was probably oriented
towards the then-existing US export restrictions on strong cryptography—this
variant is usually called WEP64 in brochures. Most WLAN cards today support
a variant in which the user configures a 104-bit key, which results in a
128-bit RC4 key—correspondingly, this is often called WEP128. Less common
are key lengths of 128 bits (WEP152) or 232 bits (WEP256).
As explained above, RC4 can in principle work with key lengths up to 2048
bits, which would correspond to WEP keys of up to 2024 bits. In practice,
key lengths run into a simple limit: how many columns of digits a user can
manage to enter without making a mistake. Since WEP is a pure PSK method,
the keys must be entered identically on both sides of the connection. The IEEE
standard provides no mechanism to distribute WEP keys in a WLAN
automatically. Some manufacturers have, for instance, attempted to simplify
entry for users by having them enter not the WEP key itself, but rather a
passphrase (a sort of overly long password) from which the key is
calculated. However, this procedure varies from manufacturer to
manufacturer so that the same passphrase for different manufacturers might
lead to different WEP keys—besides, users have a tendency to choose
passwords which are relatively easy to guess, so that the resulting keys are