Click here for details about Soroban Systems Ltd.

Soroban Systems

for IT expertise.


Click HERE if you just want to download the program.

WEP/WPA key Generator

Introduction

This software has been written by Soroban Systems Ltd to assist in securing small private wireless networks using a pre-shared key. The program may be freely distributed. Soroban Systems and John Steele retain the copyright to the program.

Wireless networks need to be secured. If you use the default settings "out of the box" then home networks are accessible to neighbours but office systems are potentially open to competitors.

The advice generally given is to make some basic changes to the default configuration to improve security. Such advice includes:

What encryption method should you choose?

WPA is the newest and strongest encryption method. If this is not available (generally for older devices) choose WEP. 104/128 bit encryption is stronger than 40/64 bit if available. Note that 24 bits of the WEP protocol is not selectable by the user.

The strength of the protection given by encryption depends on the choice of encryption key.

Passphrase Issues

You are normally told to use a "passphrase" to generate the encryption key. Sometimes it is suggested that you should use Upper and Lower case characters and even numeric characters and punctuation marks. The use of characters in this way however weakens the key for two reasons:

The Solution is to use a key generator which generates random values for each element in the key. This is the purpose of this program.

Program Operation

Installation

This program does not need to be installed but it does however depend on having the Microsoft .NET framework installed. Just download the zip file from HERE. Save it to your local disk, unzip it and run it! The zip file contains the executable program wepkeygenerator.exe and a PDF version of this page.

The zipfile download is 111 kilobytes.

Running the Program

When the program is run it displays a form as shown below.

Program Form Image

The program can generate Hexadecimal WEP keys of 40/64 bit length and 104/128 bit length just by pressing the appropriate button.

For WPA there are additional options. According to the literature some WPA devices can accept a Hexadecimal string of 64 Hexadecimal characters. To use the hexadecimal form just click the 256 bit WPA key

I know that some routers will not accept this format however so there is an option to generate a random text string of between 8 and 63 characters. Again as I do not have a range of routers to test this with I have created two options.

In all cases the text string generated will be displayed in the Textbox and will automatically be copied to the windows Clipboard. I recommend that this is pasted into a text file so that it can be kept. The screenshot shows a standard ASCII WPA key that has just been generated.

There is no way of replicating the WPA string with the program.

Technical Details and Caveats

The software depends on the Microsoft .NET framework version 1.1. This must be installed before the program will run.

Random numbers seem simple. The main difficulty is proving that the sequence generated is actually random. This program is intended to simplify the protection of wireless networks used in the home or small offices. Any flaws that might be discovered in the randomness are unlikely to aid an attacker to any great extent with a key of this length. It is certainly better than a passphrase formed out of words or a string of characters just typed at the keyboard as a wider set of character symbols are used. If you do not believe that Microsoft have made their random number generator sufficiently random then you should use another source of random data.

The program was written in Visual Basic.NET using Microsoft Visual Studio.NET. The bytes used for the WEP or WPA keys are generated using the Microsoft RNGCryptoServiceProvider Class cryptographic Random Number Generator. No attempt has been made to verify the randomness of the keys produced. A search on the Internet however did not produce any reports about any weaknesses in this area.

Release History

Version Notes
0.1 First Release. Beta version of the program released for comment and evaluation

Support

This program is provided "as is" with no warranty given as to its suitability for your use. Please report any problems to Soroban Systems Ltd. by clicking on the image here Our address.

We will attempt to address any issues as soon as possible.

We would also appreciate any comments and suggestions.

Credits

© Soroban Systems 2005.

Soroban Systems Ltd specialises in Systems Integration and network design. Click here to visit our home page.