802.11 Encryption with Wired Equivalent Privacy (WEP) (Windows CE 5.0)

Send Feedback

Due to the nature of wireless LAN networks, implementing a security infrastructure that monitors physical access to the network is difficult. Unlike a wired network where a physical connection is required, anyone within range of a wireless AP can conceivably send and receive frames as well as listen for other frames being sent. This makes eavesdropping and remote sniffing of wireless LAN frames very easy. Wired Equivalent Privacy (WEP) is defined by the IEEE 802.11 standard and is intended to provide a level of data confidentiality that is equivalent to a wired network.

WEP provides data confidentiality services by encrypting the data sent between wireless nodes. WEP encryption for an 802.11 frame is indicated by setting a WEP flag in the MAC header of the 802.11 frame. WEP provides data integrity for random errors by including an integrity check value (ICV) in the encrypted portion of the wireless frame.

The following tables shows the two shared keys that WEP defines.

Key type Description
Multicast/global key Encryption key that helps to protect multicast and broadcast traffic from a wireless AP to all of its connected wireless clients.
Unicast session key Encryption key that helps to protect unicast traffic between a wireless client and a wireless AP and multicast and broadcast traffic sent by a wireless client to the wireless AP.

WEP encryption uses the RC4 symmetric stream cipher with 40-bit and 104-bit encryption keys. 104-bit encryption keys are not standard, however, many wireless AP vendors support them.

See Also

802.11 Authentication | How to Set Up an 802.1x Network and Connect to It with a CEPC | Network Keys | Network Adapter Card Requirements | 802.1x Security

Send Feedback on this topic to the authors

Feedback FAQs

© 2006 Microsoft Corporation. All rights reserved.