
4.2. Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP) is a deprecated algorithm for securing IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are thus more susceptible to eavesdropping than wired networks. When introduced in 1997,[1] WEP was intended to provide confidentiality comparable to that of a traditional wired network. Beginning in 2001, cryptanalysts identified several serious weaknesses, with the result that today a WEP connection can be cracked with readily available software within minutes.
The WEP protocol does not provide any key management mechanism, and in most environments the same key is shared by many clients. Where keys are not changed regularly, this can compound the problems of an already flawed protocol. WEP keys must be shared by the client and the access point, because every station that wants to send or receive must know the key. These keys are commonly referred to as being 64 or 128 bits long. In fact, the actual keys are either 40 or 104 bits long, and the remaining 24 bits in either configuration represent what is called the Initialization Vector (IV). This IV is used in combination with the key to encrypt the actual data. The implementation of the mechanisms used to combine the IV and the secret key in the WEP protocol has several flaws which can make the recovery of the keys by a malicious user simple:
WEP is now considered an outdated algorithm and is not recommended for use. It should be noted, however, that many of its shortcomings arise from WEP being a poor implementation of its underlying mechanisms, which does not necessarily indicate that the mechanisms themselves are inherently flawed.
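
As an added illustration (not part of the original guide), the sketch below shows how the 24-bit IV and the shared key are concatenated into the per-frame cipher seed, and why two frames sent under the same IV expose the XOR of their plaintexts. It relies on details of the 802.11 standard that this page does not state (RC4 as the cipher, a CRC-32 integrity value); the function names, key, IV and payloads are constructed, and the key ID byte of a real frame is omitted.

```python
import zlib

def rc4(seed: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given seed."""
    s, j = list(range(256)), 0
    for i in range(256):                          # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                            # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, key: bytes, data: bytes) -> bytes:
    """Simplified WEP frame body: cleartext IV, then RC4(IV || key) over data || ICV."""
    if len(iv) != 3 or len(key) not in (5, 13):
        raise ValueError("IV is 24 bits; key is 40 or 104 bits")
    body = data + zlib.crc32(data).to_bytes(4, "little")   # ICV = CRC-32 of the data
    return iv + xor(body, rc4(iv + key, len(body)))

def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    iv, body = frame[:3], frame[3:]               # receiver reads the IV off the air
    plain = xor(body, rc4(iv + key, len(body)))
    data, icv = plain[:-4], plain[-4:]
    if zlib.crc32(data).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return data

def same_iv_leaks_xor(iv: bytes, key: bytes, p1: bytes, p2: bytes) -> bool:
    """True if two frames sent under one IV expose p1 XOR p2 without the key."""
    c1, c2 = wep_encrypt(iv, key, p1)[3:], wep_encrypt(iv, key, p2)[3:]
    n = min(len(p1), len(p2))
    return xor(c1, c2)[:n] == xor(p1, p2)[:n]

if __name__ == "__main__":
    key = bytes.fromhex("0102030405")             # constructed 40-bit shared key
    iv = bytes.fromhex("00002a")                  # constructed 24-bit IV
    frame = wep_encrypt(iv, key, b"constructed payload A")
    print("RC4 seed bits:", 8 * len(iv + key))    # the advertised "64-bit" key
    print("round trip ok:", wep_decrypt(key, frame) == b"constructed payload A")
    print("IV reuse leaks XOR:", same_iv_leaks_xor(iv, key, b"constructed payload A", b"constructed payload B"))
```

Because the IV is only 24 bits and the shared key rarely changes, IVs repeat on a busy network, which is one reason WPA2 or later should replace WEP wherever it is still configured.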