# 64-bit WEP faster than 128?

## alienjon

I just set up a wireless network in my apartment and we currently have a 64-bit WEP key because that's what my friend had set up. I had asked if we could do a 128 instead, as I know it is a stronger key that way, but he thinks that there is a speed difference in doing so. I can't possibly see how a bigger key translates to a lag in wireless connectivity, but I wanted to ask just to be certain.

----------

## nixnut

Yes, 64-bit is faster than 128-bit, but unless you are working with seriously decrepit hardware you shouldn't notice it at all. And WEP is seriously broken, so you may as well not use it at all. 64-bit, 128-bit, none, it's really all the same. WEP is totally broken.

----------

## alienjon

I'm afraid I'm not all that network savvy. What else is out there and what might you recommend me trying/doing?

----------

## nixnut

See here

----------

## Cyker

 *alienjon wrote:*   

> I'm afraid I'm not all that network savvy. What else is out there and what might you recommend me trying/doing?

 

He's just being glib; WEP is still far more secure than no encryption - even though WEP has been broken, it still requires a fair bit of effort to crack.

That said, 64-bit and 128-bit provide about the same amount of protection because they are broken; if someone is arsed enough to try and break 64-bit WEP, they would be able to break 128-bit too without much more effort, so it's not worth changing from 64-bit to 128.

If you want to secure your Wireless properly, use MAC address filtering and WPA-PSK encryption. WPA can (currently) only be broken by brute forcing and is much more secure than WEP.

----------

## nixnut

 *Cyker wrote:*   

> He's just being glib; WEP is still far more secure than no encryption - even though WEP has been broken, it still requires a fair bit of effort to crack.

 Yes, about 1 minute and 3 seconds on reasonably current hardware for a 50% chance of compromising the connection.

----------

## think4urs11

 *Cyker wrote:*   

> it still requires a fair bit of effort to crack.

 

Depends on your definition of 'effort'; see http://www.offensive-security.com/movies/bt3teaser/bt3teaser.html

(around 2:00 till 2:30 in the video)

----------

## Zach_the_Lizard

I would seriously recommend changing from WEP to WPA. As others have mentioned, it doesn't take much effort to crack WEP. It will only keep out the most casual of bandwidth thieves. MAC address filtering is also one of those false-security things. Don't use it, or if you do, use it in conjunction with WPA.

----------

## Cyker

@nix and think: Have you actually tried to crack a low-traffic third party WEP IRL? Those demos are best case scenarios; If the network does not have heavy traffic, it takes time to get enough info to start a replay attack to get the required amount of packets. Most crackers will not be bothered to even wait that long.

It requires *considerably* more arsedness than just 'breaking' into an unencrypted node, so even something as weak as WEP is still *much* better than nothing.

But as has been said, WPA is really the only way to go for decent protection.

WEP is like copy protection on games - It'll deter lazy people, but ultimately it doesn't work. MAC address filtering is another obstacle, but ultimately not a large one as MAC addresses can be spoofed.

The idea about security is to make it as inconvenient and annoying for someone to break in by throwing up as many barriers as possible - No security is perfect. I'd be willing to bet even WPA has been cracked in some crappy routers due to bad implementation.

You can still be 'safe' with WEP if you isolate it 'tho (I still run WEP as I have stuff which doesn't support WPA, but it's isolated from the main LAN).

But the bottom line is WEP 64-bit and 128-bit sucks, use WPA    :Razz: 

----------

## think4urs11

 *Cyker wrote:*   

> even something as weak as WEP is still *much* better than nothing.

 

Correct; in the worst case you can at least say that you have secured your network (gets interesting in legal cases). Nevertheless, from a technical point of view WEP is nearly equal to nothing.

Personally I use a different approach. My WLAN is unencrypted, the only thing which can be accessed is the gateway machine itself - means dhcpd and openvpn; nothing else. Quite funny to see some 'hackers' checking my infra  :Wink: 

----------

## NeddySeagoon

Cyker,

WEP will deter someone else from using your bandwidth, they will go and find an open wifi.

The bad thing about it, is it gives the uneducated a false sense of security.

My wireless is open, since I use secure protocols over it and I really don't mind the folk round about using my wifi in their back gardens. It appears I use theirs from time to time.

----------

## alienjon

I had the same kind of impression that WEP is 'still better than nothing' simply because it'll prevent either people who know nothing about wireless security or people who know very little (like me) from really trying anything, but the MAC filtering is something I wouldn't have thought of. As for WPA, what makes that more special than WEP? Is it just that the encryption key is more complex (or unique?) or is it something completely different from WEP altogether? Also, is there a hardware limitation for WPA? (I would surmise 'no', but I would have also originally thought that WEP 128 is just as fast as 64 bit   :Rolling Eyes:  )

----------

## think4urs11

One major difference between WPA and WEP is the Temporal Key Integrity Protocol (TKIP) in WPA, which dynamically changes keys as the system is used.

Additionally, WPA uses a longer IV (48<->24 bit). A 128-bit WEP key is in reality 104 bit + 24 bit IV, while in WPA it is a 'real' 128 bit + 48 bit IV.

For much more detailed infos see e.g.

http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy

http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access

----------

## Cyker

WEP is just really badly designed. The encryption itself is okay and pretty secure, but the biggest problem is the implementation.

It's all the implementation flaws which allow people to derive the key, not the actual cipher algorithm. WEP packets are only partially encrypted (Most of the header isn't IIRC) which is why ARP replay and other traffic generating attacks can be used so effectively to generate enough packets to expose the key.

One of the stupidest things is if you run it in Shared Key mode instead of Open System, it practically BROADCASTS the key!!!! Even WinXP will automatically derive the key and use it in this situation (Although it is considered an autoconfiguration 'feature' there).

(Hey, I suppose in that scenario, nixnut is right - Shared Key WEP and no-encryption *is* the same  :Mr. Green:   :Laughing: )

Disclaimer: All I know about this stuff is things from slashdot and the aircrack-ng wiki! Nothing more! <.<   >.>

----------

## alienjon

I tried setting up WPA on the network, but my Gentoo box doesn't seem to recognize the commands:

```
{finding the network output, etc...}
Invalid command : set
*   eth0 does not support the following private ioctls
*     set AuthMode=WPAPSK
Invalid command : set
*   eth0 does not support the following private ioctls
*     set EncrypType=TKIP
Invalid command : set
*   eth0 does not support the following private ioctls
*     set WPAPSK={WPAPSK KEY}
*   Connecting to "{ESSID}" in managed mode (WEP Disabled) ...                                      [ !! ]
*   Failed to configure wireless for eth0
```

Now, I'm using an 802.11b USB adapter, is that too old to use WPA? Alas, I'm not on my computer right now, so I'm not positive on the config file, but I did change my /etc/conf.d/net to include the new WPA phrase. This is what I can remember (most of it is already mentioned above):

```
iwpriv_{ESSID}=( "set AuthMode=WPAPSK" "set EncrypType=TKIP" "set WPAPSK={WPAPSK KEY}" )
```

In retrospect, I wonder if that is the wpa_supplicant version of the correct config line, if so I don't know how the correct line should read.

----------

## d2_racing

If you want to use WPA, I suggest that you use wpa_supplicant.

----------

## alienjon

I thought my adapter was not supported by wpa_supplicant, but:

 *Quote:*   

> Supported drivers:
> 
> Linux drivers that support Linux Wireless Extensions v19 or newer with WPA/WPA2 extensions 
> 
> Host AP driver for Prism2/2.5/3 
> ...

 

Looks like that isn't the case (at least any more).  I'll look into that when I get home.

----------

## d2_racing

If you need help, just post  :Razz: 

----------

## alienjon

I will, I just haven't had the chance yet, sorry   :Razz: 

----------

## alienjon

I tried installing wpa_supplicant, but when I try to start the service, I get:

```
 * Caching service dependencies ...                                                                        [ ok ]
 * Starting eth0
 *   Loading networking modules for eth0
 *     modules: apipa arping ccwgroup macchanger macnet rename wpa_supplicant essidnet iptunnel ifconfig system dhcpcd ip6to4
 *       wpa_supplicant provides wireless
 *       ifconfig provides interface
 *       dhcpcd provides dhcp
 *   Configuring eth0 for MAC address XX:XX:XX:XX:XX:XX ...                                                [ ok ]
 *   Starting wpa_supplicant on eth0 ...
wpa_driver_atmel_set_wpa eth0
ioctl[ATMEL_WPA_IOCTL]: Argument list too long
Failed to set encryption.
ioctl[ATMEL_WPA_IOCTL]: Argument list too long
Failed to set encryption.
ioctl[ATMEL_WPA_IOCTL]: Argument list too long
Failed to set encryption.
ioctl[ATMEL_WPA_IOCTL]: Argument list too long
Failed to set encryption.
wpa_driver_atmel_set_countermeasures - not yet implemented
wpa_driver_atmel_set_drop_unencrypted - not yet implemented                                                [ ok ]
 *   Starting wpa_cli on eth0 ...                                                                          [ ok ]
 *     Waiting for association                                                                             [ ok ]
 *     Backgrounding ...
```

```
modules=( "wpa_supplicant" )
wpa_supplicant_eth0="-Datmel"
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=0
ap_scan=1
network=(
        ssid="MY_NETWORK"
        key_mgmt=NONE
        wep_key0="YOU_WISH_YOU_KNEW"
        wep_tx_keyidx=0
        priority=5
)
```

Here's my dmesg output (well, some of it anyway, I think this stuff is repeated once or twice and I don't want to flood this post more than I already have)

```
WARNING: at /var/tmp/portage/net-wireless/at76c503a-0.16/work/at76_usb-0.16/at76_usb.c:3695 at76_dwork_get_scan()
Pid: 7, comm: events/0 Tainted: P        2.6.24-gentoo-r4 #11

Call Trace:
 [<ffffffff804fad69>] mutex_lock+0x9/0x20
 [<ffffffff8802a2c6>]
 [<ffffffff804fa19e>] thread_return+0x3d/0x52f
 [<ffffffff8024945a>] queue_delayed_work_on+0x9a/0xe0
 [<ffffffff88023b30>]
 [<ffffffff88029e20>]
 [<ffffffff802489ee>] run_workqueue+0x7e/0x110
 [<ffffffff80249510>] worker_thread+0x0/0x130
 [<ffffffff802495d5>] worker_thread+0xc5/0x130
 [<ffffffff8024d080>] autoremove_wake_function+0x0/0x30
 [<ffffffff80249510>] worker_thread+0x0/0x130
 [<ffffffff80249510>] worker_thread+0x0/0x130
 [<ffffffff8024ccbb>] kthread+0x4b/0x80
 [<ffffffff8020ca18>] child_rip+0xa/0x12
 [<ffffffff8024cc70>] kthread+0x0/0x80
 [<ffffffff8020ca0e>] child_rip+0x0/0x12

ADDRCONF(NETDEV_UP): eth0: link is not ready
ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
eth0: no IPv6 routers present
```

Note: my MAC address, essid and WEP key are all changed (although, considering the base of this thread, I probably shouldn't have to worry about any of them   :Razz: )

----------

## d2_racing

Look at my config:

```

# cat /etc/conf.d/net
#WPA_SUPPLICANT
modules=( "wpa_supplicant" )
wpa_supplicant_wlan0="-Dwext"
config_wlan0=( "dhcp" )

#Wireless tools
##dns_domain_lo="homenetwork"
##config_eth0="dhcp"
##dhcpcd_eth0="-N"
##config_gentoonet=( "dhcp" )
##key_gentoonet="307b09e7e3979a1f4988afdb83 enc open"
##preferred_aps=( "gentoonet" )

#preup()
#{
# if [[ ${IFACE} = "eth1" ]]; then
# sleep 3
# fi
# return 0
# }

```

And my /etc/wpa/wpa_supplicant

```

# cat /etc/wpa/wpa_supplicant
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
ap_scan=0
#update_config=1

network={
ssid="gentoonet"
psk="gentooquebec"
proto=WPA2
key_mgmt=WPA-PSK
pairwise=CCMP
group=CCMP
priority=5
}

```

----------

## d2_racing

@alienjon: Your /etc/conf.d/net is messed up.

Also, can you post this command after a fresh reboot plz:

```

# iwconfig

```

I think that it's weird to have an eth0 instead of wlan0 or wifi0.

----------

## alienjon

My wpa_supplicant config file has a different location from yours: /etc/wpa_supplicant/wpa_supplicant.conf - Is that a problem or should I specify that somewhere?

I hadn't realized that some of those arguments belonged in the other config file, but even after moving them over, I still have the same error so it doesn't look like it's changed anything.

I agree, I'm kind of surprised that I'm working with eth0 instead of wlan0 (which I had in my last Gentoo install). I happened to mention it in a post (which has now been long forgotten) and the general response was - 'so what'. It's apparently just a name and, for some reason, one that Gentoo decided to use for my wireless. Personally, I haven't noticed any issues due to the naming (other than sometimes writing in wlan0 instead of eth0) but if there's a way of easily changing this, I probably would be interested for simplicity's sake.

Here's my device info:

```
eth0      Link encap:Ethernet  HWaddr 00:09:5B:54:B1:9E
          inet addr:192.168.0.100  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::209:5bff:fe54:b19e/64 Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:949 errors:0 dropped:0 overruns:0 frame:0
          TX packets:770 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:489492 (478.0 Kb)  TX bytes:110247 (107.6 Kb)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
```

And my iwconfig:

```
lo        no wireless extensions.

sit0      no wireless extensions.

eth0      IEEE 802.11b  ESSID:"{MY_ESSID}"
          Mode:Managed  Frequency:2.462 GHz  Access Point: {XX:XX:XX:XX:XX:XX}
          Bit Rate:11 Mb/s   Tx-Power=15 dBm
          Retry limit:8   RTS thr=1536 B   Fragment thr=1536 B
          Encryption key:{WOULDNT_YOU_LIKE_TO_KNOW}   Security mode:open
          Power Management:off
          Link Quality:1/100  Signal level=16/100
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0
```

----------

## alienjon

Still not getting anywhere on my end, unfortunately.  Any ideas?

----------

## d2_racing

Can you post your /etc/conf.d/net and your /etc/wpa/wpa_supplicant ?

----------

## alienjon

```
modules=( "wpa_supplicant" )
wpa_supplicant_eth0="-Datmel"
config_eth0=( "dhcp" )
```

```
network={
        ssid="{essid}"
        key_mgmt=NONE
        wep_key0="{wep_key}"
        wep_tx_keyidx=0
        priority=5
}
```

Sorry, shoulda thought of that.
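
The network block posted above still sets `key_mgmt=NONE` with `wep_key0`, which is WEP run through wpa_supplicant rather than WPA. As an added example (not written by anyone in this thread), this check reads `wpa_supplicant.conf` text and reports which network blocks still permit WEP, open access, WPA1 or TKIP; the sample file and the fallback values used for unset fields are assumptions to verify against the installed wpa_supplicant version.

```python
import re

# Constructed sample; block 1 mirrors the thread's WEP block (braces inside values).
SAMPLE = """\
network={
    ssid="{essid}"
    key_mgmt=NONE
    wep_key0="{wep_key}"
}
network={
    ssid="gentoonet"
    psk="constructed-passphrase"
    proto=WPA2
    key_mgmt=WPA-PSK
    pairwise=CCMP
    group=CCMP
}
network={
    ssid="constructed-defaults"
    psk="constructed-passphrase"
}
"""

def parse_networks(conf):
    nets, cur = [], None
    for line in (raw.strip() for raw in conf.splitlines()):
        if re.fullmatch(r"network\s*=\s*\{", line):
            cur = {}
        elif line == "}" and cur is not None:
            nets.append(cur)
            cur = None
        elif cur is not None and "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            cur[key.strip()] = value.strip().strip('"')
    return nets

def audit(net):
    if "NONE" in net.get("key_mgmt", "WPA-PSK").split():
        wep = any(k.startswith("wep_key") for k in net)
        return ["WEP static key" if wep else "open network"]
    # Assumed defaults: unset proto/pairwise/group still admit WPA1 and TKIP.
    checks = (("proto", "WPA RSN", "WPA"), ("pairwise", "CCMP TKIP", "TKIP"),
              ("group", "CCMP TKIP", "TKIP"))
    return [f"{weak} allowed by {field}" for field, default, weak in checks
            if weak in net.get(field, default).split()]

def audit_conf(conf):
    return {n.get("ssid", "?"): audit(n) for n in parse_networks(conf)}

print(audit_conf(SAMPLE))
```

An empty list for a network means none of these weak settings are enabled for it; to check a real file, pass its contents to `audit_conf`.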

----------

