[MLB-WIRELESS] Re: Strong WEP Key Generator

[Jason Hecker]

Ah,

Yes, well, I was just quoting the site name.  For anyone who can't be arsed 
typing in a "random" number, it'll do it for you - probably more random that 
doing one by hand and better than using ASCII input which are based on 
dictionary words most of the time.  I agree WEP is borked, but... it's a good 
site for the lazy - especially for 256 WEP (just cut'n'paste).  Surely by 
now, the small subset of truly strong keys would be worked out by now and 
probably in a dictionary somewhere... if there ae truly strong keys in WEP.

Afterwards I had a look at the javascript and then compared it to nwepgen from 
the linux-wlan source tree.  They are just random number generators.  Anyone 
got any good pointers to sites on how to make a good key for WEP?

j

On Monday 05 May 2003 17:15, Joris wrote:
> On Sun, May 04, 2003 at 11:49:22PM -0700, Jouni Malinen wrote:
> > On Mon, May 05, 2003 at 08:48:23AM +1000, Jason Hecker wrote:
> > I don't know whether one should really call anything related to WEP
> > "strong" ;-), but let's forget that for a moment and concentrate on key
> > generation..
> >
> > What exactly makes those keys "strong"?
>
> The fact that it's more random than your average birthday or kids name,
> like most people do.
>
> I don't think that site was intended for strong cryptographical
> purposes, but to help Mr and Mss Sixpack...
>
> > I would not call that strong key; it looks more like false sense of
> > security. Actually, that's quite good match for WEP security.. ;-)
>
> Yep.
> If you change the target audience, it starts making sense...