aeswepd 0.4

Copyright 2003 Lennart Poettering <mznrfjrcq (at) 0pointer (dot) de>


This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.


Sun Jan 11 2004:

Version 0.4 released, update to wireless extensions v26 (for kernel 2.4.23 and newer), changed the default rekeying time to 24h. This will make the default configuration incomptible with earlier versions!

Fri Oct 17 2003:

Version 0.3b released, small bugfixes.

Fri Oct 17 2003:

Version 0.3 released, split from waproamd, added documentation, manpage, some bug fixes.


aeswepd is UNIX daemon for changing WEP keys of WLAN devices in constant intervals. The WEP keys are calculated by encrypting the current UNIX time using the AES cypher with a given constant key. aeswepd strengthens the security of the weak hardware based, standards compliant WEP technology.

aeswepd may use up to three hardware WEP keys: the first is set to the current, the second to the previous and the third to the next key. This is useful when working with not completely synchronized RTCs. If only a single hardware WEP key is used, you have to synchronize your RTCs so that no connectivity interrupts may occur.

aeswepd has several advantages over other solutions to improve WEP: it is easy to use, doesn't involve computing intensive algorithms, doesn't increase traffic latency. On the other hand it has several disadvantages as well: it requires an installation of aeswepd on all network members, it is not standardized, currently only APs which run a flavour of Linux may be used with it.


Version 0.4 is more or less stable. It features only a single WEP key driver for local NICs supporting the Linux wireless extensions v15. Support for changing WEP keys of remote APs via HTTP is planned for the next version.


Have a look on the man page aeswepd(8). (An XSLT capable browser is required)

aeswepd has no configuration file. It is intended to be run with correct command line arguments from ifup/ifdown or waproamd.


A newer Linux Kernel with a compatible device driver and WLAN NIC (Wireless extensions v15 or newer). Most modern cards and drivers are compatible, like mines which work with the hostap driver, version 0.0.3 and above.

aeswepd was developed and tested on Debian GNU/Linux "testing" from October 2003, it should work on most other Linux distributions since it uses GNU autoconf for source code configuration.

The machines used for development are a Medion 9580-F laptop with a TEAC and a ZONET PCMCIA WLAN NIC, and an 1 GHz Celeron PC with a noname PCI WLAN NIC. All three cards feature a PRISM2 chipset. hostap 0.0.4 was used as driver.

aeswepd needs libdaemon and libmcrypt 4.


As this package is made with the GNU autotools you should run ./configure inside the distribution directory for configuring the source tree. After that you should run make for compilation and make install (as root) for installation of aeswepd.


None so far


The newest release is always available from

The current release is 0.4

Get aeswepd's development sources from the Subversion repository.

Lennart Poettering <mznrfjrcq (at) 0pointer (dot) de>, January 2004
$Id: 43 2004-01-11 00:51:14Z lennart $