WEP protocol (Wired Equivalent Privacy) is used as an optional supplement to the IEEE standard 802.11a/g/b and is designed for WLAN access control to ensure confidentiality of transferred data.
It involves the authentication and confidentiality services:
Open system authentication uses only SSID network identificator. SSID is not a password; it is only a wireless network identificator. Wireless access point (WAP) broadcasts this identificator in intervals of a few seconds.
In open authentication mode, the user sends an 802.11 authentication frame, which contains identification data of the user. WAP checks the user ID and a frame confirming or denying access to the WLAN is sent back to the user.
Shared WEP key authentication uses a 40 bits secret shared key, which is the same for all WLAN users and is distributed to all of them in a secret way. Authentication verifies the identity of the end device network card.
WEP Protocol uses symmetric RC4 encryption, which in turn uses a 64 or 128 bits key to encrypt the data. The key consists of a secret 40 or 104-bit key and a 24-bit initialization vector (IV).
WEP Protocol is vulnerable to known attacks (activity monitoring, brute force attack, repetition attack, and so on…) and RC4 cipher was broken in 1996.