WEP Key decrypt Error

Posted on 2006-03-31
Last Modified: 2013-11-13
0 Fri Mar 31 10:14:28 2006 WEP Key decrypt error. Station MAC Address is XXXX, AP MAC is OOOO and Slot ID is 1.
1 Fri Mar 31 10:14:28 2006 WEP Key decrypt error. Station MAC Address is XXXX, AP MAC is OOOO and Slot ID is 1.
2 Fri Mar 31 10:13:44 2006 Load Profile Updated to Pass for AP MACAddr: XXXX and slotNo: 1  

I'm getting these errors showing up in my trap log on my wireless aeronet cisco router. Its also stating it found a coverage hole. Any idea's on what is causing this?
Question by:selhs
    1 Comment
    LVL 18

    Accepted Solution


    I have posted here the encrption of the wep key so i think its help you in your wep error troubleshooting

    It's really pretty simple. The AP has a list of up to 4 keys. Each client has a list of up to 4 keys. The trick is that, if all lists are identical in content AND order, then it doesn't matter which keys are selected for transmit at any endpoint. Each WEP-encrypted frame contains an index number with a value from 0-3 that designates which key was used to encrypt the payload. If the receiver has the same last as the sender (in the same order), then the index allows it to find the same key for decryption.

    It's that simple. If the lists are different, or differently ordered, then decryption will only work if the sender happens to encrypt with a key that is in the same position on the receiver's list. Using identical lists, all endpoints are free to choose arbitrary different transmit keys.

    How the system breaks if encryption isn't working depends on the  authentication method you choose, and to some extent on how the vendor implemented the AP firmware and the client driver. WEP has two forms of
    authenticaton: open system, and shared key authentication (only used with WEP). With shared key authentication, the AP sends out a random text string as a challenge, and the client must encrypt it and return it to the AP. If
    the AP understands the decrypted frame, then authentication completes. With open system, this step is skipped. Any client that knows the SSID can associate successfully under open system even if it does not use WEP,
    because encryption is not used for association except during the challenge step.

    So, with open system but broken WEP, your driver might tell you that your client connected to the network - but will not get a DHCP address. With shared key authentication, the driver will probably not indicate a
    successful network connection if WEP is not working.

    I recommend against using shared key authentication. It provides no additional security over open system (if WEP is enabled, the client still must have the key to do anything, whether it is associated or not). Using
    shared key authentication provides any eavesdropper a freebee for key-cracking - one frame from the AP with a couple of hundred bytes of plaintext, followed by a frame from the client with the same text encrypted,
    plus the IV and key index use for the encryption. This is a big help.

    The only real authentication is provided by WPA using an authentication server (and the client also gets to authenticate the AP, making man-in-the-middle attacks much harder).

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    #Citrix #Citrix Netscaler #HTTP Compression #Load Balance
    If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now