WEP* (Wired Equivalent Privacy) is not recommended for a secure Wireless Local Area Network (WLAN) due to its inherent weaknesses. One of the main security risks is a hacker can capture the encrypted form of an authentication response frame, using widely available software applications, and use the information to crack WEP encryption. The process consists of an authentication request from the client, clear challenge text from the Access Point (AP) or broadband wireless router, encrypted challenge text from the client and an authentication response from the AP/router.

Once authenticated and associated with the AP/router, every WEP data frame is encrypted with an RC4 cipher stream generated by an encryption key. That key is comprised of a 24-bit Initialization Vector (IV) and either a 40-bit or 104-bit WEP shared key (passphrase) that is configured on the client and AP/router. Combining the IV and key results in 64-bit and 128-bit WEP, respectively, which are the terms used today. Some vendors formerly referred to these as 40-bit and 104-bit WEP because they excluded the 24-bit IV in their documentation.

This applies to:

Intel® PRO/Wireless 2100 Network Connection Intel® PRO/Wireless 2200BG Network Connection Intel® PRO/Wireless 2915ABG Network Connection Intel® PRO/Wireless 3945ABG Network Connection Intel® WiFi Link 5100 Intel® WiFi Link 5300 Intel® Wireless WiFi Link 4965AGN