Wired Equivalent Privacy (WEP): Definition & Risks

Learn how Adaptive Multi-Factor Authentication combats data breaches, weak passwords, and phishing attacks.

The wired equivalent privacy, or WEP, is part of the IEEE 802.11 standard designed to keep traffic sent through wireless networks more secure. It was created to help prevent cyberattacks, such as man-in-the-middle (MiiM) attacks, from being successful. 

WEP uses a static key of 10 or 26 hexadecimal digits to encrypt data. In the late 1990s and early 2000s, it was widely used and often the primary security choice router configuration tool offered to users.

Wired equivalent privacy has since been superseded by WPA (Wi-Fi protected access) and then WPA2, which was designed to address the security vulnerabilities that WEP presented. WPA uses a dynamic key and message integrity checks to ensure a higher level of cybersecurity. 

WPA2 is an upgraded version of WPA. It is based on the robust security network (RSN) mechanism and can be even more secure than WPA. 

WPE is a retired security protocol that has been deemed insecure. It has been replaced, first by first WPA and then by WPA2.

What is wired equivalent privacy (WEP)?

WEP, or wired equivalent privacy, is a security algorithm presented by the Institute of Electrical and Electronics Engineers (IEEE) as part of the IEEE 802.11 internet standard that was ratified in 1997. 

WEP was created to secure and ensure data confidentiality at the same level that a traditional wired network offered. Wireless connections transmit data through radio waves, which can be intercepted. WEP was designed to encrypt this data so that even if it were to be intercepted, such as through a MiiM attack, the threat actor would not be able to decipher its contents.

Due to U.S. government-imposed restrictions on the exportation of cryptographic technology, WEP key sizes were initially limited to a 40-bit key (called WEP-40) for the 64-bit WEP protocol. As these restrictions were lifted, the extended 128-bit WEP protocol using the 104-bit key (WEP-104) was introduced. WEP uses the RC4 stream cipher for confidentiality and the CR