WEP encryption

I don't fully understand the WEP key structure and need guidance from
expertise.

My Netgear WGR614 has configuration page in WEP key as below:-

Passphrase: Openthedoor
128-bit WEP key generated: 1c1f9289ba0a0a0eaa111785ab

From WEP generator, I got the following

ASCII: Openthedoor
HEX: 4f70656e746865646f6f72

I am at loss why same ASCII code gives different hex code. Obviously, both
are correct if I type the same on AP and clients.

According to my understanding, 13 or less ASCII code or 26 or less are
acceptable for 128-bit WEP key. From above examples, obviously the below
one confirms to my understanding but the Netgear one does not. Regardless
of how many characters of ASCII code, it generates 26 hex code. Your advice
is appreciated

Thanks,

Ray

Ray

Ray

The 128-bit key requires you to supply 104 bits of data - that's 26 hex
digits. The Netgear generator will take any phrase you give it and run a
hashing algorithm to generate 104 bits.

In your 2nd example, the hex digits are simply the values of the characters
in the string "Openthedoor". That's 11 characters, hence 22 hex digits. 13
characters would give you 26 digits.

Hashing a phrase to generate a key gives a much more random result than
simply using the bits in a text string. The latter can be cracked by
dictionary guessing, the former is much harder.

HTH

--
Rick Jones
www.activeservice.co.uk

"Ray" <NoSpam-> wrote in message
news:...
> I don't fully understand the WEP key structure and need guidance from
> expertise.
>
> My Netgear WGR614 has configuration page in WEP key as below:-
>
> Passphrase: Openthedoor
> 128-bit WEP key generated: 1c1f9289ba0a0a0eaa111785ab
>
> From WEP generator, I got the following
>
> ASCII: Openthedoor
> HEX: 4f70656e746865646f6f72
>
> I am at loss why same ASCII code gives different hex code. Obviously,
both
> are correct if I type the same on AP and clients.
>
> According to my understanding, 13 or less ASCII code or 26 or less are
> acceptable for 128-bit WEP key. From above examples, obviously the below
> one confirms to my understanding but the Netgear one does not. Regardless
> of how many characters of ASCII code, it generates 26 hex code. Your
advice
> is appreciated
>
> Thanks,
>
> Ray
>
>

Rick Jones

Rick,

Thanks for your kind explanation.

If I use Netgear generator to produce hex key, how can I tell the Windows
users to enter ASCII password to connect to the network like the hot spots.
Normal people are not familiar with hex code and they always use ASCII
password.

Ray

"Rick Jones" <> wrote in message
news:...
> Ray
>
> The 128-bit key requires you to supply 104 bits of data - that's 26 hex
> digits. The Netgear generator will take any phrase you give it and run a
> hashing algorithm to generate 104 bits.
>
> In your 2nd example, the hex digits are simply the values of the
> characters
> in the string "Openthedoor". That's 11 characters, hence 22 hex digits. 13
> characters would give you 26 digits.
>
> Hashing a phrase to generate a key gives a much more random result than
> simply using the bits in a text string. The latter can be cracked by
> dictionary guessing, the former is much harder.
>
> HTH
>
> --
> Rick Jones
> www.activeservice.co.uk
>
> "Ray" <NoSpam-> wrote in message
> news:...
>> I don't fully understand the WEP key structure and need guidance from
>> expertise.
>>
>> My Netgear WGR614 has configuration page in WEP key as below:-
>>
>> Passphrase: Openthedoor
>> 128-bit WEP key generated: 1c1f9289ba0a0a0eaa111785ab
>>
>> From WEP generator, I got the following
>>
>> ASCII: Openthedoor
>> HEX: 4f70656e746865646f6f72
>>
>> I am at loss why same ASCII code gives different hex code. Obviously,
> both
>> are correct if I type the same on AP and clients.
>>
>> According to my understanding, 13 or less ASCII code or 26 or less are
>> acceptable for 128-bit WEP key. From above examples, obviously the below
>> one confirms to my understanding but the Netgear one does not.
>> Regardless
>> of how many characters of ASCII code, it generates 26 hex code. Your
> advice
>> is appreciated
>>
>> Thanks,
>>
>> Ray
>>
>>
>
>

Ray

Ray

AFAIK Windows wireless config tools only accept hex digits for a WEP
key. There's no standard that I'm aware of for representing WEP keys as
ASCII.

At hotspots, the password is usually a software-level feature, like a
system logon, and the network itself is unsecured.

I think you're stuck with hex - just tell users it's an alpha-numeric
password, no-one needs to know it's actually hexadecimal!

Cheers
Rick

richard@activeservice.co.uk