Why is the WPA2-PSK key length limited to 63 characters?

StackOverflow https://stackoverflow.com/questions/18006390

  •  04-06-2022
  •  | 
  •  

Question

I wonder why there is a limit of just 63 characters for the passphrase of WPA2-PSK. It's not even a power of two and looks very unusual to me, but surely there's some deeper meaning to this number.

Était-ce utile?

La solution

The PSK is derived from the passphrase using PBKDF2 key derivation function with SHA1 as the pseudo random function. The passphrase is an 8-63 character ASCII encoded string.

PSK = PBKDF2(PassPhrase, ssid, ssidLength, 4096, 256)

The PSK is 32 bytes (256 bits), often displayed as 64 hex characters.

According to the 802.11i specification:

A pass-phrase is a sequence of between 8 and 63 ASCII-encoded characters. The limit of 63 comes from the desire to distinguish between a pass-phrase and a PSK displayed as 64 hexadecimal characters.

So the difference is just to distinguish a 64 hex character PSK from a 8-63 character ASCII passhprase.

Autres conseils

Looking around the web, it looks like WPA2 takes 64 characters. In any event, each character is 8 bits long which is an easy number to store. My educational guess is that they just needed a cutoff number.

63 chars terminated with an 0-byte (which is quite usual while programming strings in microprocessors) makes a length of 64. And that's a number you're looking for: it is not only a power of 2, but also of 8 and 16.

Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
scroll top