Re: Proper WEP Code
On Tue, 2007-12-11 at 17:10 -0500, Dan Williams wrote: WEP ASCII passphrases are standardized, WEP104 passphrases are de-facto standard (some implemented hashing for 40-bit WEP keys, but that's not really standardized at all), and Apple uses a completely different hashing scheme for it's password. So no, WEP doesn't have a standardized passphrase-key hashing scheme. That's why you get 3 choices. WPA fixed this, where there is a standard for hashing a passphrase into a key, _plus_ they made it easy to differentiate a passphrase and a hex key, which is great because you can't do this with WEP, leading to people using what _look_ like hex keys as actual WEP passphrases. Dan I am sure you think the above explanation is clear but it is not to me. From what I have read the WEP pasphrase is the encryption key. and an ASCII passphrase is just a hex passphrase expressed in ASCII characters, What is the difference between a passphrase and a hex key and where does hashing come in for WEP? -- === You know that feeling when you're leaning back on a stool and it starts to tip over? Well, that's how I feel all the time. -- Steven Wright === Aaron Konstam telephone: (210) 656-0355 e-mail: [EMAIL PROTECTED] ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
On Wed, 2007-12-12 at 09:28 -0600, Aaron Konstam wrote: On Tue, 2007-12-11 at 17:10 -0500, Dan Williams wrote: WEP ASCII passphrases are standardized, WEP104 passphrases are de-facto standard (some implemented hashing for 40-bit WEP keys, but that's not really standardized at all), and Apple uses a completely different hashing scheme for it's password. So no, WEP doesn't have a standardized passphrase-key hashing scheme. That's why you get 3 choices. WPA fixed this, where there is a standard for hashing a passphrase into a key, _plus_ they made it easy to differentiate a passphrase and a hex key, which is great because you can't do this with WEP, leading to people using what _look_ like hex keys as actual WEP passphrases. Dan I am sure you think the above explanation is clear but it is not to me. From what I have read the WEP pasphrase is the encryption key. and an ASCII passphrase is just a hex passphrase expressed in ASCII characters, What is the difference between a passphrase and a hex key and where does hashing come in for WEP? The standard WEP passphrase is a string up to 64 characters in length. If less than 64 bytes, it gets repeated into a 64 byte buffer, which them gets hashed with MD5. The digest resulting from the MD5 hash is then used as the actual WEP key that is given to the driver. user input:abcdefghijklm 1) repeat 'abcdefghijklm' over and over until 64 bytes are filled 2) hash the 64 bytes using MD5 wep key (hex): f343dcef2a6ea4ce5d63dabc45 A WEP ASCII passphrase is a 5 or 13 character ASCII string. To derive the actual WEP key, the ASCII values of the string are used directly for the WEP key like so: user input:abcdefghijklm wep key (hex): 6162636465666768696a6b6c6d a = 61, b = 62, c = 63, d = 64, etc. So the problem with ASCII passphrases is that the _range_ of values you can enter is smaller and limited to the printable ASCII range, which is roughly 0x20 - 0x7E. Note that in the standard WEP passphrase example above, the passphrase contains the byte 0xF3 at the start, which is not ASCII and therefore can't be contained in an ASCII passphrase. The _best_ way to get a secure WEP key (not that WEP is secure _at all_) is to have a random number generator generate the key for you. Don't use passphrases. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
Aaron Konstam [EMAIL PROTECTED] writes: I understand that, but Dan Williams is also correct that not all hex strings can be represented as ASCII stings. This makes an ASCII entered passphrase a weaker encryption vehicle. True, but WEP itself is a weak encryption vehicle, so you shouldn't depend on it for anything except to stop a neighbor from accidentally, casually joining your network. If you want real wireless security you should use WPA. -derek -- Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory Member, MIT Student Information Processing Board (SIPB) URL: http://web.mit.edu/warlord/PP-ASEL-IA N1NWH [EMAIL PROTECTED]PGP key available ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
Derek Atkins wrote: snip In the former case you do need to make sure that the AP is set up for a password, and you'd better hope that the AP uses the same string-to-key as NM. /snip Isn't that standardized? But in the latter cases, you're just defining a key directly. The only difference is whether you're supplying the key in hex or via the ascii character codes. E.g., to enter a hex 'digit' of 41 you could just enter an ascii A. This does not require any special configuration on the AP, because you could use 'A' and '4141414141' interchangably in NM. Dan -derek ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
James M. Leddy wrote: In the former case you do need to make sure that the AP is set up for a password, and you'd better hope that the AP uses the same string-to-key as NM. /snip Isn't that standardized? Not nearly as much as it should be. Perhaps the situation has improved in modern times, but my d-link from 2002 is most certainly not compatible in that way. --Pat ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
On Tue, 2007-12-11 at 15:11 -0500, James M. Leddy wrote: Derek Atkins wrote: snip In the former case you do need to make sure that the AP is set up for a password, and you'd better hope that the AP uses the same string-to-key as NM. /snip Isn't that standardized? WEP ASCII passphrases are standardized, WEP104 passphrases are de-facto standard (some implemented hashing for 40-bit WEP keys, but that's not really standardized at all), and Apple uses a completely different hashing scheme for it's password. So no, WEP doesn't have a standardized passphrase-key hashing scheme. That's why you get 3 choices. WPA fixed this, where there is a standard for hashing a passphrase into a key, _plus_ they made it easy to differentiate a passphrase and a hex key, which is great because you can't do this with WEP, leading to people using what _look_ like hex keys as actual WEP passphrases. Dan But in the latter cases, you're just defining a key directly. The only difference is whether you're supplying the key in hex or via the ascii character codes. E.g., to enter a hex 'digit' of 41 you could just enter an ascii A. This does not require any special configuration on the AP, because you could use 'A' and '4141414141' interchangably in NM. Dan -derek ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
On Sun, 2007-12-09 at 19:22 -0500, Dan Williams wrote: On Sun, 2007-12-09 at 15:48 -0600, Aaron Konstam wrote: On Mon, 2007-12-10 at 01:42 +1000, [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey everyone sorry to disturb you all but what is the proper way to put your wep code in hex into the nm-applet? So far i can't figure it out and it won't allow me to connect. This is my code (obviously without the stars): **:38:22:05:40:AB:**:EF:04:38:22:05:** Thanks in advance i tried googling it but i don't think i could think of the right combination of search phrase. NJ But the associated question do you really want to set the WEP encryption code in hex rather than in ASCII, which is another option. He needs to be sure he matches the setting used on the AP. It won't work if he uses the wrong type in the applet. That said, most APs don't use ASCII passphrases (it was an older lucent thing), so I'd expect it to be a hex key, most likely. Dan Dan, You may be right but all of the wireless APs distributed by ATT have ASCII WEP passwds that are annoyingly 10 rather then 13 ASCII characters. -- === Could I have a drug overdose? === Aaron Konstam telephone: (210) 656-0355 e-mail: [EMAIL PROTECTED] ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
Aaron Konstam wrote: I am confused as usual. You are seeming to say that 40/128 ASCII passphrase are for APs that already have a passwphrase stored in their memory. But then things get confusing. Are you saying that a 40/128 HEX passphrase can actually change the passphrase stored in the AP? No, he's saying that behind the scenes, all passphrases are actually just exchanged as hex. So, if you type in 'A' it will send '4141414141' in the background. If you had just used the hex in the first place, it would work too. --Pat ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Proper WEP Code
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey everyone sorry to disturb you all but what is the proper way to put your wep code in hex into the nm-applet? So far i can't figure it out and it won't allow me to connect. This is my code (obviously without the stars): **:38:22:05:40:AB:**:EF:04:38:22:05:** Thanks in advance i tried googling it but i don't think i could think of the right combination of search phrase. NJ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHXAzB8bSFeWg33Q8RAktcAKCnLMGC/dEPWBVtNGe0ZofHkBXaqQCfd9yD W0iINjSIUlIr1nHOpXIkgf8= =bBR0 -END PGP SIGNATURE- ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
On Mon, 2007-12-10 at 01:42 +1000, [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey everyone sorry to disturb you all but what is the proper way to put your wep code in hex into the nm-applet? So far i can't figure it out and it won't allow me to connect. This is my code (obviously without the stars): **:38:22:05:40:AB:**:EF:04:38:22:05:** So you first need to make sure you choose WEP 40/128-bit Hexadecimal in the applet, then you put the key in _without_ any : or - or spaces. So you should enter it looking like this: 1238220540ab55ef04382205bb uppercase/lowercase don't matter. Dan Thanks in advance i tried googling it but i don't think i could think of the right combination of search phrase. NJ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHXAzB8bSFeWg33Q8RAktcAKCnLMGC/dEPWBVtNGe0ZofHkBXaqQCfd9yD W0iINjSIUlIr1nHOpXIkgf8= =bBR0 -END PGP SIGNATURE- ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
On Mon, 2007-12-10 at 01:42 +1000, [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey everyone sorry to disturb you all but what is the proper way to put your wep code in hex into the nm-applet? So far i can't figure it out and it won't allow me to connect. This is my code (obviously without the stars): **:38:22:05:40:AB:**:EF:04:38:22:05:** Thanks in advance i tried googling it but i don't think i could think of the right combination of search phrase. NJ But the associated question do you really want to set the WEP encryption code in hex rather than in ASCII, which is another option. -- === It took me fifteen years to discover that I had no talent for writing, but I couldn't give it up because by that time I was too famous. -- Robert Benchley === Aaron Konstam telephone: (210) 656-0355 e-mail: [EMAIL PROTECTED] ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
On Sun, 2007-12-09 at 15:48 -0600, Aaron Konstam wrote: On Mon, 2007-12-10 at 01:42 +1000, [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey everyone sorry to disturb you all but what is the proper way to put your wep code in hex into the nm-applet? So far i can't figure it out and it won't allow me to connect. This is my code (obviously without the stars): **:38:22:05:40:AB:**:EF:04:38:22:05:** Thanks in advance i tried googling it but i don't think i could think of the right combination of search phrase. NJ But the associated question do you really want to set the WEP encryption code in hex rather than in ASCII, which is another option. He needs to be sure he matches the setting used on the AP. It won't work if he uses the wrong type in the applet. That said, most APs don't use ASCII passphrases (it was an older lucent thing), so I'd expect it to be a hex key, most likely. Dan ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
Re: Proper WEP Code
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey guys just thought i'd say i got it working. Thanks for ur help and keep up the great coding :D -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHXK2I8bSFeWg33Q8RAqLaAJ9v6n5Xi0+ugaS9qhkG+tBIzDB0UACfS79v HcIqlEnNPKiDGftSoHRc5kM= =U8FK -END PGP SIGNATURE- ___ NetworkManager-list mailing list NetworkManager-list@gnome.org http://mail.gnome.org/mailman/listinfo/networkmanager-list
