WEP (Wired Equivalent Privacy)
What is WEP (Wired Equivalent Privacy)?
WEP (Wired Equivalent Privacy)The original Wi-Fi confidentiality protocol from 1997, now considered broken and unsafe for any production use.
WEP was the original encryption mechanism defined in IEEE 802.11 and used the RC4 stream cipher with a short 24-bit initialization vector and a static shared key. Numerous flaws — IV reuse, the FMS and KoreK attacks, and chopchop — let attackers recover the key from minutes of captured traffic with tools such as aircrack-ng. The Wi-Fi Alliance deprecated WEP in 2004 and standardised WPA, then WPA2. Today WEP must be considered cleartext: it provides essentially no protection against passive sniffing or active impersonation. Networks still using it should be migrated immediately to WPA2 or WPA3, and incompatible legacy devices should be isolated in tightly segmented VLANs.
● Examples
- 01
An attacker captures IVs from a WEP network and recovers the key with aircrack-ng in minutes.
- 02
An audit flags an industrial control system still running WEP and requires its replacement.
● Frequently asked questions
What is WEP (Wired Equivalent Privacy)?
The original Wi-Fi confidentiality protocol from 1997, now considered broken and unsafe for any production use. It belongs to the Network Security category of cybersecurity.
What does WEP (Wired Equivalent Privacy) mean?
The original Wi-Fi confidentiality protocol from 1997, now considered broken and unsafe for any production use.
How do you defend against WEP (Wired Equivalent Privacy)?
Defences for WEP (Wired Equivalent Privacy) typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for WEP (Wired Equivalent Privacy)?
Common alternative names include: Wired Equivalent Privacy.