3

I was helping a person with his computer today, and he was convinced that his router's WPA key was 7 characters (with some brand of consumer router). He has been able to connect with this on a number of computers, but when stepping him through it with Ubuntu we found that Network Manager imposes a strict limit of 8 or more characters.

Before I fire off a bug report, I would like to know: is that 8 or more character limit a hard, technical limit (and the guy on the phone just crazy), or is it indeed possible to have a WPA key with 7 characters?

Dylan McCall
  • Should be migrated to SU. – Holocryptic Jul 28 '10 at 17:20
  • I don't know if it is possible, but it is almost certainly a bad idea. A password that small would be easy to guess through brute force. You may want to try to strongly encourage him to use something much longer. – Zoredache Jul 28 '10 at 17:34

1 Answer

8

WPA Pre-shared key (PSK) mode, defined in IEEE 802.11i-2004, uses PBKDF2 as described in PKCS #5. While PBKDF2 has no minimum length, the IEEE standard states in H.4 Suggested pass-phrase-to-PSK mapping (which includes a discussion of security considerations):

A pass-phrase is a sequence of between 8 and 63 ASCII-encoded characters. The limit of 63 comes from the desire to distinguish between a pass-phrase and a PSK displayed as 64 hexadecimal characters.

UPDATE: A thought occurs -- note that this is based on ASCII characters. Perhaps your 7-character WPA PSK has trailing whitespace!

medina
  • Thanks for your help! That's probably what I should have asked the guy to do. Next time I come across this, I will try that :) Looking at the IEEE's spec, they only mention the minimum 8 characters thing once. In H.4.2 reference implementation, it isn't enforced and it doesn't look like the output would be wrongly influenced. Hm… Still a little lost, but I'm definitely less lost. – Dylan McCall Jul 30 '10 at 03:14
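
The pass-phrase-to-PSK mapping discussed in the answer, as an added example (not code from the answer or from the IEEE reference implementation): it shows that PBKDF2 derives a key from a 7-character pass-phrase without complaint, that the 8 to 63 check is a separate step, and that a trailing space yields a valid but different key. The SSID `HomeNet` and the key `abc1234` are constructed sample values; the SSID salt, 4096 iterations, 256-bit output and the printable-ASCII range 32 to 126 are the standard's parameters for this mapping.

```python
import hashlib
import string

MIN_LEN, MAX_LEN = 8, 63            # pass-phrase length range quoted from H.4
ITERATIONS, PSK_BYTES = 4096, 32    # 4096 rounds, 256-bit PSK


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """Pass-phrase-to-PSK mapping: PBKDF2-HMAC-SHA1 salted with the SSID.

    Deliberately no length check here: PBKDF2 itself accepts any length.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), ITERATIONS, PSK_BYTES)


def classify_key(key: str) -> str:
    """How a client applying the H.4 limits treats the typed key string."""
    if len(key) == 64 and all(c in string.hexdigits for c in key):
        return "raw-psk"            # 64 hex digits: used as the PSK directly
    if not all(32 <= ord(c) <= 126 for c in key):
        return "invalid: not printable ASCII"
    if MIN_LEN <= len(key) <= MAX_LEN:
        return "passphrase"
    return f"invalid: {len(key)} characters, need {MIN_LEN}-{MAX_LEN}"


def compare(ssid: str, seen: str, actual: str) -> dict:
    """Compare the key as the user reads it with the key as configured."""
    return {
        "seen": classify_key(seen),
        "actual": classify_key(actual),
        "same_psk": derive_psk(seen, ssid) == derive_psk(actual, ssid),
    }


if __name__ == "__main__":
    # Constructed sample values, not taken from the question.
    ssid, seen, actual = "HomeNet", "abc1234", "abc1234 "
    print(compare(ssid, seen, actual))
    print(repr(seen), derive_psk(seen, ssid).hex())
    print(repr(actual), derive_psk(actual, ssid).hex())
```

Because the space is part of the PBKDF2 input, a client that strips it derives a different PSK and fails the handshake even though the visible characters match.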