Wired Equivalent Privacy (WEP)* is not recommended for a secure WiFi Local Area Network (LAN) due to its inherent weaknesses. One of the main security risks is a hacker can capture the encrypted form of an authentication response frame, using widely available software applications, and use the information to crack WEP encryption. The process consists of an authentication request from the client, clear challenge text from the Access Point (AP) or broadband wireless router, encrypted challenge text from the client and an authentication response from the AP/router.

Once authenticated and associated with the AP/router, every WEP data frame is encrypted with an RC4 cipher stream generated by an encryption key. That key is comprised of a 24-bit Initialization Vector (IV) and either a 40-bit or 104-bit WEP shared key (passphrase) that is configured on the client and AP/router. Combining the IV and key results in 64-bit and 128-bit WEP, respectively, which are the terms used today. Some vendors formerly referred to these as 40-bit and 104-bit WEP because they excluded the 24-bit IV in their documentation.

This applies to:

IntelŪ PRO/Wireless 2100 Network Connection IntelŪ PRO/Wireless 2200BG Network Connection IntelŪ PRO/Wireless 2915ABG Network Connection IntelŪ PRO/Wireless 3945ABG Network Connection IntelŪ WiFi Link 1000 IntelŪ WiFi Link 5300 and IntelŪ WiFi Link 5100 products IntelŪ WiMAX/WiFi Link 5350 and IntelŪ WiMAX/WiFi Link 5150 products IntelŪ Wireless WiFi Link 4965AGN