WPA vs WEP: How your Choice Affects your Wireless Network Security

Your rating: None Average: 3.9 (184 votes)

An exploration of the reasons why WPA provides stronger wireless security than WEP in your wireless network

What is WPA?

WiFi Protected Access (WPA) is the new security standard adopted by the WiFi Alliance consortium. WiFi compliance ensures interoperability between different manufacturer’s equipment. WPA delivers a level of security way beyond anything that WEP can offer, bridges the gap between WEP and 802.11i networks, and has the advantage that the firmware in older equipment may be upgradeable.

How does WPA work?

WPA uses Temporal Key Integrity Protocol (TKIP). TKIP is designed to allow WEP to be upgraded. This means that all the main building blocks of WEP are present, but corrective measures have been added to address security problems.

How WPA improves on WEP

The weaknesses in WEP have been well publicized. TKIP’s improvements are described below. IV values can be reused/IV length is too short The length of the IV has been increased from 24bits to 48bits. Rollover of the counter is eliminated. Reuse of keys is less likely. In addition IVs are now used as a sequence counter, the TSC (TKIP Sequence Counter), protecting against replaying of data, a major vulnerability in WEP.

Weak IV values are susceptible to attack WPA avoids using known weak IV values. A different secret key is used for each packet, and the way the key is scrambled with the secret key is more complex. Master keys are used directly in WEP Master Keys are never used directly in WPA. A hierarchy of keys is used, all derived from the Master. Cryptographically this is a much more secure practice.

Key Management and updating is poorly provided for in WEP Secure key management is built-in to WPA, so key management isn’t an issue with WPA. Message integrity checking is ineffective WEP message integrity proved to be ineffective. WPA uses a Message Integrity Check (MIC) called, Michael! Due to the hardware constraints the check has to be relatively simple. In theory there is a one in a million chance of guessing the correct MIC. In practice any changed frames would first need to pass the TSC and have the correct packet encryption key even to reach the point where Micheal comes into operation. As further security Michael can detect attacks and performs countermeasures to block new attacks.

Conclusion

WPA (TKIP) is a great solution, providing much stronger security than WEP, addressing all the weaknesses and allowing compatibility and upgrades with older equipment.

Comments

wpa on printer

when tring to connect my hp photo smart photo b210 printer keeps asking for wpa code

Onesided argument invalid

Onesided argument invalid

WPA vs WEP

I'm trying to convinse my mum to convert security to WEP so that i can get Nintendo DS wifi. Is that a good or bad idea? Our laptop has no personal info on it because its just been completely reset. We currently have WPA.

WPA2

my modem has a wep key and when trying to put the wireless on my phone it asks for WPA2 password, will not accept my wep key
how do i connect my phone to my moded for wi/fi

Great

An encryption key differing in every packet.mechanism shares a starting key between devices. Each device then changes its encryption key for every packet. It’s extremely difficult for hackers to read messages.

installing wpa...

hi may i know how to install my wpa router? is it safe to use in an urban community??

nintendo ds problem

i cant connect my ds to wfc (nintendo Wi-Fi Connection)

unsupported.

Nintendo WFC doesn't support WPA; it only supports WEP. If you want to have Wi-Fi in your DS you have to change it back to WEP.

offline printer

my HP printer went offline during the last storm, and won't go back online. I have an Acer laptop.

Hi

What does it means by IV values?

IV stands for Initialization

IV stands for Initialization Vector, used to encrypt the packets. See the article Why is WEP Crackable for details.

Linksys - WPA vs WEP - no internet

I have the WRT160Nv3 router, 1 windows 7 desktop, 1 win 7 laptop, and an older win xp laptop. I have a wireless network set up, but the laptop with win xp cannot connect to the internet through it. I’ve changed from WPA personal to WEP to allow for the older laptop to connect – picks up the network but no internet. Why and how can I fix this? Also, seems the WEP slowed down the windows 7 laptop connectivity. HELP?

u can go and check the

u can go and check the internet connection in ur area first or the waire that u conected with that labtob

Sometimes when u have

Sometimes when u have previously connected to a network with the same ssid as the one your trying to connect to now,the computer memorises the ssid and password and when you change the pass or mode eg. Wpa wpa2 it memorises the old pass and tries to connect, and gets confused because it could connect before but cant now.
go into network and sharing and forget the network then re enter th pass

I hate it when my computer

I hate it when my computer gets confused...

Just changed modems

Just changed modems and updated router software. Now can't connect. I'm seeing the connection as a wep. But it is wpa so it will not connect. Any suggestions

Help

I want to Get my DS online but I need to change to WEP but I don't want to get hacked.
:]

RE: Help

Unless you live in a large city, the chances that you will get hacked are slim to nothing. Btw, the DS has a terrible browser and you should use a computer like everyone else.

DS wifi

so basically there's no way i can get WPA to work for my Nintendo DS?

Wifi USB Connector

You can get a wifi USB connector, but it seems that they don't sell them any more, which is the problem I am having... I want to play online not surf the web(which you can do on a WPA), but have a WPA connection so I can't play anything online :(

wpa vs wep

bon slt tous le monde ,
pour avoir bon cle de wifi il fout un bon key par exemple :
wpa
hddfb122µ*11....hddfb122µ*11

wpa

i like wpa because is fort

WEP WPA

how inter wpa wep pls

I had to change to wep from wpa for my DS

I don't rely care about hackers, there are few people who live near me and they are all old people, so I'm in no immediate threat. Anyway your only at risk to hackers if you store any personal information on you hard drive. So its your own fault for having personal data stored anyway. I'm not saying hackers are good but there wouldn't be hackers if people didn't store their personal stuff.

Kind of late, I know.

Kind of late, I know. However, I'd just like to inform you that the term 'hacker' is specifically coined to describe an individual as a techno enthusiast who's primary concern is to break down technology, understand how it functions in variation, and edit it to his/her own wants and needs. We wouldn't have all this beautiful hardware and software if it weren't for hackers. Also I do believe the term you were searching for was 'cracker.'This term is aimed towards individuals who act in a malicious nature rather than ethically. Also note that there is an even far more degrading term known as 'script kiddie', which is a poser of some sort who's aim is usually for malicious activities, but also does not understand or care to understand how a specific thing works. So remember that hackers are the good guys. Please don't bring us down to that level as we do not enjoy such titles. The media has widely distorted our perceptions on the subject of matter. Yes, they have lied to you and lie to you every day about everything. :)

Hope this helped someone out there and I do apologize for any incorrect grammar or punctuation as I'm sure due to my human nature. Seek for knowledge and the beauty of freedom!
Hack the planet, and God bless. ^^)

-Mike

That's rubbish. Everybody

That's rubbish. Everybody uses a computer that has at least SOME personal information on it. And the average hacker is not remotely interested in the average person's boring personal information, unless they are into identity theft. The average hacker just wants to freeload off someone's unsecured wifi network. Getting at Joe Blogg's personal files is just too much like hard work.

Anyway, you can protect yourself by storing personal information in encrypted files or dmg, and also by securely wiping your HD before you get rid of it.

wep

My linksys stem is from 2002 and it only has WEP. what should I do?
Thanks,
Beth

If you are concerned about

If you are concerned about security, then you need to purcase a new device. Also, a lot has changed in 9 years in WiFi technology, you most certainly would get better features and performance in a new unit.

WEP vs WPA

simple difference you can hack WEP in about 5 mins or less WPA or WPA2 is not impossible to hack but is a lot harder so i've heard.

WEP and WPA together?

I am running WPA wireless. I have a couple older devices I need to support that only do WEP. Is there a way to get both working at the same time?

It depends if you would like

It depends if you would like the wireless devices to communicate with each other or not. In a lot of cases the wireless clients do not need to talk to the other wireless clients, they just need internet access and access to the network resources such as the printer etc. If this is your case, newer wireless routers have a "Guest" feature. The guest network can be configured seperate from the normal network. So you can have WPA (or other security) on your normal network, and use WEP (or none) on your Guest network. Anything on the guest network will not be able to communicate with the devices on the computer network, (unless you specify to do so in the firmware)

no

no but if you create a user defined WEP it will be more than likely safe

thanks

thanks

WEP vs WPA

Good points, simply put. Thanks very much

WPA

assh.... give some examples that newbees can work out from..........

Speed

If you want speed use a wire solution

IPOD touch runs on WEP , Vista computers on WPA

what do I do? can't have best of both worlds?

If you update to the newest

If you update to the newest firmware on your itouch, it should run on wpa. Mines wpa.

playstation3

where would i find wpa key

wpa vs wep

is the data transfer is slower in wep yhan wpa?

wpa vs wpa2

whats the difference between wpa and wpa2. whats the difference between personal and enterprise. is there any security level difference?

We've written an article

We've written an article comparing WPA vs WPA2. Hopefully that will answer some of your questions.

reply

being a teacher i wanted to make a note for teh new IGCSE o/l syllabus.. ur article was very helpful.

that is very good gold star

that is very good gold star

I like how you didn't mention

I like how you didn't mention that WPA slows down your connection speed quite noticably compared to WEP.

Speed over security

Yeah... speed is much more important than security...

WPA vs WEP

speed might be important but not at the risk of your privacy and data integrity. I would rather have a relatively average speed where my data is secure and my privacy is guarded instead of a blazingly fast speed where my data integrity and my privacy are at the mercy of the identity thief or hacker!

wep v wap

I just read your article and the easy way you discribed the differences was easy to understand. Thanks for the tips... Willow... from the UK

Great article

Great! I based my assignment from one of my networking units on that! Thanks! :)

wep vs wpa

I just wanted a quick look at how does it work and it was good enough to give me understanding.
Thank You!

Post new comment

By submitting this form, you accept the Mollom privacy policy.