WEP, which could stand for either Wired Equivalent Privacy or Wireless Encryption Protocol, is a security scheme employed by the Institute of Electrical and Electronics Engineers (IEEE) for IEEE 802.11 wireless networks since the standard’s ratification in September 1999. WEP was part of the IEEE 802.11 standard and its amendments up until IEEE 802.11i, when it was replaced by Wi-Fi Protected Access (WPA) and WPA2.
Wireless networks require more security than wired networks since wireless networks broadcast messages using radio, so they are more prone to eavesdropping. For confidentiality, WEP makes use of the stream cipher RC4, also known as ARCFOUR, and understood to stand for “Rivest Cipher 4” or “Ron’s Code” after the cipher creator, Ron Rivest.
For integrity, it makes use of the Cyclic Redundancy Check 32 (CRC-32) checksum. A 40-bit key, concatenated with a 24-bit initialization vector (IV) to form the RC4 traffic key, is used by standard 64-bit WEP. Key size was limited by U.S. Government export restrictions on cryptographic technology during the period of drafting for the original WEP standard. These limitations on key size were eventually lifted, but by then all of the major computer manufacturers had used a 104-bit key size in their implementations of an extended 128-bit protocol.
Users often enter a 128-bit WEP key as a string of 26 Hexadecimal (Hex) characters, from 0 to 9 and A to F, with each character representing 4 bits of the key. 26 characters with 4 bits each results in a total of 104 bits, which, when added to the 24-bit IV, forms the 128-bit WEP key.
Some vendors provide a 256-bit WEP system, which uses 24 bits for the IV and 232 bits for protection, usually entered as 58 Hexadecimal characters with each character representing 4 bits of the key.
In addition to the government restrictions on key size, another major security limitation in WEP is that interception of more packets is required in cracking a longer key, but there are active attacks that stimulate the necessary traffic. IV collisions and altered packets are also possible weaknesses in WEP, and a longer key only worsens these problems.
WEP features two methods of authentication:
Open System authentication, where it is unnecessary for a WLAN client to provide its credentials to an Access Point during authentication; and
Shared Key authentication, which uses a four-way challenge-response handshake.
Cryptanalysts were able to identify several serious weaknesses in the WEP in the early 2000’s, finding that a WEP connection could easily be cracked with available software in a matter of minutes. This problem was solved by the introduction of a new security scheme, WPA, in 2003, and the IEEE 802.11i standard, which used WPA2, in 2004.
Prior to the inception of WPA and WPA2, however, a number of replacements for WEP had been developed with the goal of restoring security to the wireless network itself. These replacements include: WEP2, which is a stopgap enhancement to WAP that features an enlarged IV value and enforced 128-bit encryption; WEPplus or WEP+, developed by Agere Systems that avoids “weak IVs” to enhance WEP security; and Dynamic WEP, which dynamically changes WEP keys.