The passphrase is hashed to the key, though, not just used literally as the key, right? Otherwise the security would be terrible; there's a lot less than 104 bits of entropy in any reasonable 13-character password.
My understanding is that the passphrase is appended as provided to an "initialization vector" (which, if I understand the spec correctly, is either WEP's salt or nonce), which is then used as the seed to RC4's PRNG, which then is used as a stream to XOR the plaintext (and its CRC32 checksum). This is from page 160 (PDF page 208) of the spec I linked to.
Previous Topic
Index
