×
Siemens Industry Online Support
Siemens AG
Entry type: FAQ Entry ID: 22950124, Entry date: 04/18/2006
(0)
Rate

Why can't I enter the maximum of 16 characters (128 bits) when entering a WEP encryption string?

  • Entry
  • Associated product(s)

Description:
Wired Equivalent Privacy (WEP) is the oldest and also the least safe encryption procedure with which WLAN transmissions can be protected against unauthorized access according to the 802.11 standard. In this procedure a user password is used as a key which in turn is used to generate a sequence of pseudo random numbers. Each character of the message to be transmitted is then encrypted or decoded by the recipient with the next number of this sequence.
The procedure is relatively simple and can by comparison be easily compromised on two counts. On the one hand upon connection setup the key must be exchanged between sender and recipient, which of course is not encrypted. On the other hand, statistical methods can be used to determine characteristics of the messages transferred, which in turn permit an analysis to be made of the key used as long as there are enough messages for the analysis. For these reasons WEP is generally no longer considered to be sufficient today.


Fig. 01 - Configuration of a WLAN in Windows

 

When configuring with a Windows system you might get this or a similar error message when entering the network key:


Fig. 02 - Sample error message

 

For the configuration of a SCALANCE W788-PRO (6GK5788-1ST00) the error message looks like this:


Fig. 03 - Web Based Management W788-1PRO

 

The actual WEP data package consists of data and the 32-bit long checksum ICV (Integrity Check Value). This encrypted with the IV-WEP key combination and the initialization vector (IV) is placed in front of it all. From the IV the recipient can finally use the RCA key (default key) to compute the plaintext of the message.


Fig. 04 - WEP data package

For the actual maximum key string there are therefore only 104 bits available (128 bits total - 24 bits initialization vector) or 13 characters.

Note:
CRC32, just like RC4, is linear and is thus considered as mathematically uncertain. It is therefore possible to calculate the bits that must change in the checksum if you change the secret text.

To ensure better protection for your network you should

  • use the WPA or WPA2 encryption (not supported by CP1515 (6GK1151-5AA00))
  • protect yourself via additional encryption such as VPN, for example.

Keywords:
WEP, WPA, WPA2, Security, WLAN, Encryption
 

Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit
https://www.siemens.com/cybersecurity#Ouraspiration.
Rate entry
no rating
Requests and feedback
What do you want to do?
Note: The feedback always relates to the current entry / product. Your message will be forwarded to our technical editors working in the Online Support. In a few days, you will receive a response if your feedback requires one. If we have no further questions, you will not hear from us.