Wi-Fi (Wireless Fidelity) WEP, WPA and WPA2

Wi-Fi (Wireless Fidelity)

Wi-Fi (Wireless Fidelity) is one of today’s leading wireless technologies, with Wi-Fi support being integrated into more and more devices: laptops, PDAs, mobile phones. However, one configuration aspect all too often goes unnoticed: security. Let’s have a closer look at the level of security of the encryption methods used in modern Wi-Fi implementations. Here, we provide information about Wi-Fi (Wireless Fidelity) WEP, WPA and WPA2.

A WiFi connection is established using a wireless adapter to create hotspots – areas in the vicinity of a wireless router that are connected to the network and allow users to access internet services. Once configured, WiFi provides wireless connectivity to your devices by emitting frequencies between 2.4GHz – 5GHz, based on the amount of data on the network. A WiFi network makes use of radio waves to transmit information across a network. The computer should include a wireless adapter that will translate the data being sent into a radio signal. This signal will be transmitted, via an antenna, to a decoder known as the router. Once decoded, the data will be sent to the Internet through a wired Ethernet connection. As the wireless network carries two-way traffic, the data received from the internet will also pass through the router to be coded into a radio signal that will be received by the computer’s wireless adapter.

A wireless network will transmit at a frequency level of 2.4 GHz or 5GHz to adapt to the amount of data that is being sent by the user. The 802.11 networking standards vary somewhat, depending mostly on the user’s needs. The 802.11a will transmit data at a frequency level of 5GHz. The Orthogonal Frequency-Division Multiplexing (OFDM) it uses enhances reception by dividing the radio signals into smaller signals before they reach the router. You can transmit a maximum of 54 megabits of data per second. The 802.11b will transmit data at a frequency level of 2.4GHz, which is a relatively slow speed. You can transmit a maximum of 11 megabits of data per second. The 802.11g will transmit data at 2.4GHz but can transmit a maximum of 54 megabits of data per second, as it also uses OFDM coding. The more advanced 802.11n can transmit a maximum of 140 megabits of data per second and uses a frequency level of 5GHz.

For hotspots: In order to access hotspots, your computer should include a wireless adapter. If you are using an advanced laptop model, it will probably include a built-in wireless transmitter already. If it doesn’t, you can purchase a wireless adapter that will plug into the PCI slot or USB port. Once installed, your system should automatically detect the WiFi hotspots and request connection. If not, you should use software to handle this task for you.

In wireless security, passwords are only half the battle. Choosing the proper level of encryption is just as vital, and the right choice will determine whether your wireless LAN is a house of straw or a shielded fortress.


Most wireless access points come with the ability to enable one of three wireless encryption standards: Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA) or WPA2. Explore the chart below to get a basic understanding of the differences between WPA, WEP and WPA2, as well as the uses and mechanisms of each one of these wireless security protocols, and to find out whether WPA, WEP or WPA2 is the best choice for your environment.


Wired Equivalent Privacy (WEP)

Developed in the late 1990s as the first encryption algorithm for the 802.11 standard, WEP was designed with one main goal in mind: to prevent hackers from snooping on wireless data as it was transmitted between clients and access points (APs). From the start, however, WEP lacked the strength necessary to accomplish this.

WEP uses the RC4 stream cipher for authentication and encryption. The standard originally specified a 40-bit, preshared encryption key — a 104-bit key was later made available after a set of restrictions from the U.S. government was lifted. The key must be manually entered and updated by an administrator.

The key is combined with a 24-bit initialization vector (IV) in an effort to strengthen the encryption. However, the small size of the IV increases the likelihood that keys will be reused, which, in turn, makes them easier to crack. This characteristic, along with several other vulnerabilities — including problematic authentication mechanisms — makes WEP a risky choice for wireless security. 

Wi-Fi Protected Access (WPA)

The numerous flaws in WEP revealed the urgent need for an alternative, but the deliberately slow and careful processes required to write a new security specification posed a conflict. In response, in 2003, the Wi-Fi Alliance released WPA as an interim standard, while the Institute of Electrical and Electronics Engineers (IEEE) worked to develop a more advanced, long-term replacement for WEP.

WPA has discrete modes for enterprise users and for personal use. The enterprise mode, WPA-EAP, uses more stringent 802.1x authentication with the Extensible Authentication Protocol, or EAP. Although WPA is also based on the RC4 cipher, it introduced several enhancements to encryption — namely, the use of the Temporal Key Integrity Protocol (TKIP). The protocol contains a set of functions to improve wireless LAN security: the use of 256-bit keys, per-packet key mixing — the generation of a unique key for each packet — automatic broadcast of updated keys, a message integrity check, a larger IV size (48 bits) and mechanisms to reduce IV reuse.

WPA was designed to be backward-compatible with WEP to encourage quick, easy adoption. Network security professionals were able to support the new standard on many WEP-based devices with a simple firmware update. This framework, however, also meant the security it provided was not as robust as it could be.

Wi-Fi Protected Access 2 (WPA2)

As the successor to WPA, the WPA2 standard was ratified by the IEEE in 2004 as 802.11i. Like its predecessor, WPA2 also offers enterprise and personal modes. Although WPA2 still has vulnerabilities, it is considered the most secure wireless security standard available.

WPA2 replaces the RC4 cipher and TKIP with two stronger encryption and authentication mechanisms: the Advanced Encryption Standard (AES) and Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), respectively. Also meant to be backward-compatible, WPA2 supports TKIP as a fallback if a device cannot support CCMP.

Developed by the U.S. government to protect classified data, AES is composed of three symmetric block ciphers. Each encrypts and decrypts data in blocks of 128 bits using 128-, 192- and 256-bit keys. CCMP protects data confidentiality by allowing only authorized network users to receive data, and it uses cipher block chaining message authentication code to ensure message integrity.

WPA2 also introduced more seamless roaming, allowing clients to move from one AP to another on the same network without having to reauthenticate, through the use of Pairwise Master Key caching or preauthentication.

Which security method will work for your network

Here is the basic rating from best to worst of the modern WiFi security methods available on modern (after 2006) routers:

    1. WPA2 + AES
    2. WPA + AES
    3. WPA + TKIP/AES (TKIP is there as a fallback method)
    4. WPA + TKIP
    5. WEP
    6. Open Network (no security at all)

The best way to go is to deactivate Wi-Fi Protected Setup (WPS) and set the router to WPA2 + AES. As you go down the list, your network gets less secure.
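One way to check an access point against this list, as an added example that is not part of the original article: the sketch assumes a hostapd-style configuration file (keys wpa, wpa_pairwise, rsn_pairwise, wps_state, wep_key0) and uses constructed sample configurations. Mapping mixed settings onto the article's six entries and treating an unset cipher list as TKIP are choices made for this example.

```python
# Labels copied from the article's best-to-worst list.
RANKS = {1: "WPA2 + AES", 2: "WPA + AES", 3: "WPA + TKIP/AES",
         4: "WPA + TKIP", 5: "WEP", 6: "Open Network"}

def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return (rank, findings); rank 1 is the best entry in RANKS."""
    conf = parse_conf(text)
    wpa = int(conf.get("wpa", "0"))      # hostapd: bit 0 = WPA, bit 1 = WPA2
    findings = []
    if wpa == 0:
        rank = 5 if any(k.startswith("wep_key") for k in conf) else 6
        findings.append(RANKS[rank] + ": switch to WPA2 + AES")
    else:
        # An unset cipher list is treated as TKIP (assumption of this example).
        wpa_c = conf.get("wpa_pairwise", "TKIP")
        rsn_c = conf.get("rsn_pairwise", wpa_c)
        ciphers = set(wpa_c.split() if wpa & 1 else [])
        ciphers |= set(rsn_c.split() if wpa & 2 else [])
        if "TKIP" in ciphers:
            rank = 3 if "CCMP" in ciphers else 4
            findings.append("TKIP offered: allow only CCMP (AES)")
        else:
            rank = 1 if wpa == 2 else 2
        if wpa & 1:
            findings.append("original WPA enabled: set wpa=2")
    if conf.get("wps_state", "0") != "0":
        findings.append("WPS enabled: set wps_state=0")
    return rank, findings

# Constructed sample configurations.
WEAK = "ssid=office\nwpa=1\nwpa_pairwise=TKIP CCMP\nwps_state=2\n"
HARDENED = "ssid=office\nwpa=2\nrsn_pairwise=CCMP\nwps_state=0\n"

if __name__ == "__main__":
    for name, conf_text in (("weak", WEAK), ("hardened", HARDENED)):
        rank, findings = audit(conf_text)
        print(name, RANKS[rank], findings)
```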

