WEP security
To increase the security of communication over the wireless local area network,
the Nokia D211 offers the Wired Equivalent Privacy (WEP) security feature. WEP
uses the RC4 algorithm with an up to 152-bit key. The algorithm provides for
security via two methods: authentication and encryption. Authentication is the
means by which one wireless station is verified to have authorisation to
communicate with a second station in a given coverage area.
In the infrastructure operating mode, authentication is established between a
WLAN access point and each wireless station. If a wireless station receives a
packet that has not been scrambled with a correct key, the packet is discarded.
Encrypted messages can be opened by other radio cards only if they all use the
same encryption key. In the ad hoc operating mode, authentication is established
between each wireless station.
The level of security is dependent on the length of the key: the more bits there are
in the key, the longer it takes to decrypt the information sent and the higher the
level of security.
WEP keys consist of a secret key and a 24-bit Initialization Vector. For example,
the 128-bit WEP key has a 104-bit secret key that the user can set, and a 24-bit
Initialization Vector that cannot be controlled by the user. Many manufacturers
Nokia D211 features
43
© Nokia Corporation 2004. All rights reserved.
refer to this 128-bit key as a 128-bit key, whereas some refer to it as a 104-bit key
(104+24). Both keys offer the same level of encryption and are therefore
interoperable.
Tip: Regardless of how the WEP keys have been named, all keys are
compatible as long as their length is the same. For example, keys that are 40
bits long, always consist of 5 alphanumeric characters or 10 hexadecimal
characters.
The Nokia D211 supports three key lengths: 40 (40+24), 128 (104+24), and 152
(128+24) bits. The 40-bit key is Wi-Fi (Wireless Fidelity) compatible.
There are two types of WEP keys: shared keys and personal keys.
Shared WEP keys
Shared WEP keys are shared by all wireless stations using the network or
subnetwork; only stations that have the correct key can receive and decrypt data.
The same key is loaded into the WLAN access point. Shared keys are usually
created by system administrators, who distribute them to users.
Shared keys are network-specific, and each network can have a maximum of four
different shared keys. A WLAN access point only transmits data using the active
key, but can receive data from wireless stations using any of the four shared
WEP keys.
Tip: If you have a profile that includes more than one network, it is
recommended that you use the same shared WEP keys with all these
networks.
Because the shared WEP keys are network-specific and user-independent, they
can be saved in a file together with profiles. Users can import from a file or a SIM
card profiles that include shared keys and that have been created by their system
administrator.
Shared keys can be used as the only form of WEP security or used together with a
personal key.
Personal WEP keys
Each wireless station can have an individual, personal WEP key. Personal keys are
used for providing additional security for wireless connections. They are usually
created by system administrators, who distribute them to users. A WLAN access
point uses a different key for each wireless station.
There are two types of personal WEP keys, and the difference between the keys is
the type of information that is used for identifying the user:
•
Station-specific – Uses the MAC address of the radio card to identify the user.
•
User-specific – Uses an identifier that the users can create themselves.
Unlike shared WEP keys, personal WEP keys are not network specific, and
therefore cannot be saved together with profiles. They can, however, be saved to
a file and used independently from profiles.
Nokia D211 features
44
© Nokia Corporation 2004. All rights reserved.
Personal WEP keys can be used only with the infrastructure operating mode. Ad
hoc networks use shared WEP keys only.
Note: Not all WLAN access points support personal WEP keys. Ask your
system administrator for more information.