Before WPA2 and WPA3 became the gold standards of WiFi security, there was WEP, short for Wired Equivalent Privacy. Back in the late 1990s and early 2000s, WEP was the default way to protect your wireless network. It promised to give wireless connections the same level of privacy as wired networks.
That was the theory. In reality, WEP did not age well.
A Quick Overview
Encryption type: WEP uses the RC4 stream cipher for encrypting data
Goal: Prevent eavesdroppers from intercepting and reading your data
Reality: It can be cracked easily with freely available tools
How WEP Works
The basic process is straightforward:
- The client encrypts the data using a shared key
- The encrypted packet travels through the air
- The router receives it and decrypts it using the same key
Here is what happens behind the scenes:
- Each packet gets its own unique key stream
- WEP generates that key stream using the network password (shared key) and a random initialization vector (IV)
- The IV is only 24 bits long
- The formula looks like this: IV + Password → Key Stream → Encrypted Packet
Why WEP Fails
WEP’s problems are well known. These are the main ones:
The IV is too small
With only 24 bits, there are about 16 million possible IVs. That sounds like a lot, but on a busy network they start repeating quickly.
The IV is sent in plain text
Anyone listening to the network can see it in every packet.
IV repetition weakens security
If an attacker collects enough packets with repeated IVs, they can run statistical attacks to figure out the key stream and break the encryption.
Once IVs repeat, the encryption is no longer truly random.
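To make the IV problem concrete, here is an added example (not code from the original post) that builds the per-packet key stream the way the formula above describes and shows what a repeated IV exposes to a passive listener. The key, IVs and payloads are constructed sample values, and the CRC-32 checksum that real WEP appends is left out.

```python
import math

IV_BITS = 24  # WEP IV length stated above

def rc4_keystream(seed: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling (KSA), then n bytes of output (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, shared_key: bytes, payload: bytes) -> bytes:
    """Per-packet RC4 seed is IV || shared key; the IV travels in the clear."""
    assert len(iv) * 8 == IV_BITS
    return iv + xor(payload, rc4_keystream(iv + shared_key, len(payload)))

def packets_for_collision(probability: float = 0.5) -> int:
    """Birthday bound: random IVs drawn before a repeat is this likely."""
    space = 2 ** IV_BITS
    return math.ceil(math.sqrt(2 * space * math.log(1 / (1 - probability))))

# Constructed sample values, not taken from any real network.
KEY = bytes.fromhex("0102030405")            # 40-bit shared key
IV_A, IV_B = bytes.fromhex("a1b2c3"), bytes.fromhex("a1b2c4")
P1, P2 = b"GET /index.html ", b"user=alice&id=42"

c1 = wep_encrypt(IV_A, KEY, P1)
c2 = wep_encrypt(IV_A, KEY, P2)              # IV repeated
c3 = wep_encrypt(IV_B, KEY, P2)              # fresh IV

# Same IV and key give the same key stream, so it cancels out of c1 XOR c2
# and the listener is left with the XOR of the two plaintexts.
reused_leaks = xor(c1[3:], c2[3:]) == xor(P1, P2)
fresh_leaks = xor(c1[3:], c3[3:]) == xor(P1, P2)
print(reused_leaks, fresh_leaks, packets_for_collision())
```

With randomly chosen IVs, a repeat becomes more likely than not after only a few thousand packets, which is why the 16 million figure offers so little protection on a busy network.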
How WEP is Cracked
Cracking WEP is simpler than you might think if you have the right tools.
Capture a large number of packets and IVs
Tool used: airodump-ng
Analyze the captured IVs and recover the key
Tool used: aircrack-ng
With enough captured traffic, the shared key can often be discovered in minutes.
Wrapping up
WEP was designed with good intentions, but it is a clear example of a security idea that failed in execution. It has been officially deprecated for years, and if you still have a router running WEP, you should replace or reconfigure it immediately.
Switch to WPA2 or WPA3 instead. Your data will be much safer.