
WEP encryption

I've been looking all over the net trying to understand how exactly WEP encryption works and how it's cracked. It's confused me. What is meant by XORing 2 encrypted messages together? Just XORing them bit by bit? Why would that result in anything useful? Can anybody explain? What are these "statistical attacks" that they're talking about?
 
WEP is based on RC4 encryption - not really a good tool for the job. To make matters worse, the implementers use non-changing information to craft the encrypted frame.

The weak point is the 24 bit Initialization Vector. That, coupled with knowledge of the framing format, provides too many clues to breaking the encrypted stream.

That's why a 104/128 bit WEP is no more secure than a 40/64 bit WEP (in fact, the longer WEP provides more "clues" than the 40 bit WEP).

WPA / WPA2 / 802.11i use a dynamic generation scheme which makes it much more secure and "unbreakable." (acknowledge that anything usable by the public is likely to be breakable at some point, it becomes an issue of how usable the information would be given the time-to-crack).

WPA-PSK (PSK=Pre-Shared Key) basically replaces WEP. It may or may not be "really" secure depending on the Pre-Shared Key. If you use short, weak (i.e., dictionary words) keys, then WPA-PSK becomes vulnerable to dictionary or brute-force attacks.

Make the PSK as long as possible, and break up the words with numbers and / or punctuation, and mix the case of the letters (i.e., scottmac ==> Sc0Tt!mAc! - only make it long .....).

With long, strong keys, WPA-PSK is only really open to brute-force attacks. The longer the key, the less-likely that it will be cracked in a usable period of time (months, years ...). Add to that "Key Rotation" where the keys are changed at relatively short timespans, and it makes it nearly impossible to gain full access to any significant information.

The CWAP (Certified Wireless Analysis Professional) book from Osborne has a pretty good explanation if you need the gory details.

Good Luck

Scott
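
The XOR question and the 24-bit IV point in this thread, worked through as an added example (not written by either poster): two frames encrypted under the same IV and secret share one RC4 keystream, so XORing the ciphertexts cancels it, and the known framing bytes expose the rest. The secret, IV and payloads are constructed sample values, WEP's CRC-32 integrity value is left out, and the collision estimate assumes IVs are picked at random.

```python
import math

def rc4_keystream(key: bytes, n: int) -> bytes:
    """n bytes of RC4 keystream: key scheduling, then output generation."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, secret: bytes, payload: bytes) -> bytes:
    """WEP keys RC4 with IV || secret; the IV travels in the clear."""
    return xor(payload, rc4_keystream(iv + secret, len(payload)))

def recover_with_known_plaintext(c_known, p_known, c_other):
    """Known plaintext XOR its ciphertext is the keystream for that IV."""
    return xor(c_other, xor(c_known, p_known))

def iv_collision_probability(frames: int, iv_bits: int = 24) -> float:
    """Birthday estimate of at least one repeated IV (random IVs assumed)."""
    return 1 - math.exp(-frames * (frames - 1) / (2 * 2 ** iv_bits))

# Constructed sample values, not taken from any real capture.
SECRET = bytes.fromhex("0102030405")           # 40-bit WEP secret
IV = bytes.fromhex("a1b2c3")                   # 24-bit IV, used for both frames
SNAP = bytes.fromhex("aaaa030000000800")       # LLC/SNAP header: known framing
P1 = SNAP + b"hello from A"
P2 = SNAP + b"meet at noon"
C1 = wep_encrypt(IV, SECRET, P1)
C2 = wep_encrypt(IV, SECRET, P2)

if __name__ == "__main__":
    print("C1^C2 == P1^P2:", xor(C1, C2) == xor(P1, P2))
    print("P2 recovered  :", recover_with_known_plaintext(C1, P1, C2))
    print("keystream from header only:", xor(C1[:8], SNAP).hex())
    print("P(IV repeat) in 5000 frames: %.2f" % iv_collision_probability(5000))
```

Nothing here depends on the length of the secret, since the keystream cancels for any key as long as the IV repeats.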
 