WEP is based on a security scheme called RC4 that utilizes a combination of secret user keys and system-generated values. The original implementations of WEP supported so-called 40-bit encryption, having a key of length 40 bits and 24 additional bits of system-generated data (64 bits total). Research has shown that 40-bit WEP encryption is too easy to decode, and consequently product vendors today employ 128-bit encryption (having a key length of 104 bits, not 128 bits) or better (including 152-bit and 256-bit WEP systems).
When communicating over the wire, wireless network equipment uses WEP keys to encrypt the data stream. The keys themselves are not sent over the network but rather are generally stored on the wireless adapter or in the Windows Registry.
Regardless of how it is implemented on a wireless LAN, WEP represents just one element of an overall WLAN security strategy.
