Sydney Wireless

October 28, 2005

Understanding WEP Encryption Bit by Bit

Filed under: Information — evilbunny @ 9:15 am

Q. Why do some people refer to the Wireless Encryption Protocol, or WEP, as either 40-bit or 64-bit encryption? I’ve seen this in various places over the years, and I’ve always been curious about it. What is the difference between these two encryption levels?

A. Before we discuss your question, I’d just like to point out that WEP, does not stand for Wireless Encryption Protocol. It actually stands for Wired Equivalent Privacy. Now in regards to your question:

There really is no difference between 40-bit and 64-bit encryption. They are just different terminologies used throughout the industry to describe the same level of encryption, which is why they’re capable of interoperation. The lower level of WEP encryption uses a 40-bit (10 Hex character) as a “secret key” of your choosing and a 24-bit “Initialization Vector” (you don’t get to choose this number). Add all the bits together (40 plus 24) and you get 64-bit. Some vendors refer to this level of WEP as 40-bit, while others use the more common 64-bit nomenclature. Both are equivalent in encryption strength and compatibility.

You can use 128-bit WEP devices with 40-or 64-bit WEP devices, provided that the device drivers or management features let you set it at a lower encryption level. Remember, though, that a 128-bit encryption key will not work with a device configured with a 64-bit encryption key. They must be the same.

The key to success is to pay attention to the WEP key formats for each product. For instance, with some of the older products you might be asked if you want to enter your WEP key using either Hexadecimal (HEX) or ASCII format. I vaguely remember Lucent- (and I think Zoom-) based products gave you this option.

The ASCII option used regular alphanumeric characters. If you wanted to use the Hex format however, you either selected it with a button in the configuration or you had to start the key with “0x” (that’s the number zero and a lower-case “x”). This method generates a Hexadecimal key from the ASCII string that you entered. Just keep in mind that this is not the same as directly entering an ASCII key. Take a look at the list below to see the different number of characters you need when using either a HEX or ASCII WEP key.

  • One ASCII Character is eight bits
  • One HEX Character is four bits
  • 40-or 64-bit ASCII WEP code has five characters
  • 40- or 64-bit HEX WEP code has 10 characters
  • 128-bit ASCII WEP code has 13 characters
  • 128-bit HEX WEP code has 26 characters

Generally speaking, 802.11bsupports 64-and 128-bit encryption; 802.11b+ (enhanced) supports 64-, 128- and 256-bit encryption; 802.11g supports 64- and 128-bit, and 802.11A supports 64-, 128- and 152-bit encryption. Some vendors will also offer stronger encryption levels. D-Link for example, gives you the option of using 256-bit encryption (58 characters), providing you’re using only a D-Link wireless device.

For some time now I have toyed with the idea of buying a wireless network for my home. However, I currently own a couple of Panasonic KX-TG2422W 2.4 GHz GigaRange Cordless telephones that I like a great deal. I’m afraid that since both of these devices operate in the 2.4GHz range, their functionality could be impaired. Should I be concerned about it? If it is a problem, is there anyway to get around the issue? Also, what about Bluetooth devices? I understand that they also operate on this frequency.

Well, the easy answer here would be to tell you to just purchase wireless equipment that uses the 802.11a standard instead. Since 802.11a operates in the 5GHZ range, it shouldn’t interfere with your telephone system. Before you commit to that solution, though, you should consider that 802.11a products are typically much more expensive then an 802.11b/g equivalent. Plus, they suffer from much shorter range. So I wouldn’t necessarily rule out 802.11b/g products just yet.

The fact is that anytime devices operate in the same frequency band, there is the potential for interference. Since 802.11b/g products do function on this frequency band, you could experience interference. However, different cordless phones use different frequencies and generally include a label stating which frequency they use. If you experience problems with interference caused by your cordless phone, try changing the channel that the wireless access point or the router uses for wireless conductivity.

The reason is that wireless 802.11b/g networks operate in the UHF band (Ultra High Frequency) between 328.6MHz to 2.9GHz. Specifically it performs in the 2.4GHz band, which is divided into 14 channels. The United States uses channels one through 11 and Europe uses one through 13. See the chart for details.

Technicalities aside, speaking from personal experience, I don’t think you’ll have too much trouble. Just keep the access point or router at least six-to-10 feet away from the phones and phone system.

As for Bluetooth, since both 802.11b/g and Bluetooth devices make use of the same radio frequency range, you could theoretically experience a slight problem, but because Bluetooth devices are usually low power, the effects they might have on an 802.11 network, if any, won’t be far-reaching. Hope it all works out.


Leave a Reply

You must be logged in to post a comment.

Powered by WordPress