Wired Equivalent Privacy (WEP) isn't.

(January 2001) Researchers at the University of California at Berkely independently released a paper describing the problems with WEP. Their web page can be found here ( http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html ). Executive Summary We have discovered a number of flaws in the WEP algorithm, which seriously undermine the security claims of the system. In particular, we found the following types of attacks: * Passive attacks to decrypt traffic based on statistical analysis. * Active attack to inject new traffic from unauthorized mobile stations, based on known plaintext. * Active attacks to decrypt traffic, based on tricking the access point. * Dictionary-building attack that, after analysis of about a day's worth of traffic, allows real-time automated decryption of all traffic. Our analysis suggests that all of these attacks are practical to mount using only inexpensive off-the-shelf equipment. We recommend that anyone using an 802.11 wireless network not rely on WEP for security, and employ other security measures to protect their wireless network. Note that our attacks apply to both 40-bit and the so-called 128-bit versions of WEP equally well. They also apply to networks that use 802.11b standard (802.11b is an extension to 802.11 to support higher data rates; it leaves the WEP algorithm unchanged).