WEP, WPA, WPA2 and Home Security


WEP and WPA are security standards used to protect wireless networks, including the one you may be using at home. Wired Equivalent Privacy (WEP) was the first protection standard, introduced in 1997. By 2001, several serious weaknesses had been identified, and today a WEP connection can be cracked within minutes. In response to these vulnerabilities, in 2003 the Wi-Fi Alliance announced that WEP had been replaced by Wi-Fi Protected Access (WPA). Wi-Fi Protected Access (WPA and WPA2) is a certification program that indicates compliance with the security protocol created by the Wi-Fi Alliance to secure wireless computer networks.


Back when the first consumer wireless networking devices were introduced in the late 1990s, they came with a technology called WEP. WEP was designed to protect a wireless network from eavesdropping, but because of its many flaws its security turned out to be easily broken. In 2003, a new technology called WPA was created to address many of WEP’s shortcomings. While WPA has been a mainstream technology for many years, WEP remains available on many wireless routers, mainly for backward compatibility with old hardware. Many wireless networks operating today are still using outdated and insecure WEP for their encryption.

Why You Should Not Use WEP

The main weakness of WEP is its use of static encryption keys. When you set up a router with a WEP encryption key, that key is used by every device on your network to encrypt every packet that’s transmitted. But just because packets are encrypted doesn’t mean that they can’t be intercepted. Wifi signals are simply radio waves, and nearly all wifi-enabled laptops can be set to receive ALL wifi signals being transmitted around them on a given radio channel. The process of cracking a WEP key used to require that a hacker intercept millions of packets, but that’s no longer the case. In about six minutes of listening to a busy network, an eavesdropper can collect a large enough sample of your transmission stream to derive the WEP encryption key, which allows them to decrypt everything being transmitted by you. While someone may not be lurking outside your window looking to hack your wireless network, WEP can be broken increasingly easily with commonly available equipment and software, and there is no reason to continue using it when WPA is more secure and easy to use.

Even if your router is six years old, it most likely supports some form of WPA. The most widely supported version is WPA Personal, otherwise known as WPA Pre-Shared Key (PSK). To encrypt a network with WPA Personal/PSK, you provide your router with a passphrase between eight and 63 characters long – the longer the better. Using an encryption protocol called TKIP (Temporal Key Integrity Protocol), the passphrase (plus the network’s name, or SSID) is used to generate unique encryption keys for each wireless client. These encryption keys are constantly refreshed to avoid the techniques used by WEP crackers. WPA version 2 (WPA2) uses a more advanced encryption protocol that is more efficient and resistant to attack. All wifi products have been required to support WPA2 for the past three years, replacing WPA, which is now being phased out. (There is another variation called WPA/WPA2 Enterprise, but this is more difficult to administer, and is intended to be used by large companies with dedicated IT departments.)

If your current home wireless router does not support at least WPA (preferably WPA2), you should consider replacing it with one that is more up to date. You may also want to upgrade other wifi devices that connect to your router, like laptops and desktops. Properly configured, WPA or WPA2 offers you significantly better protection than WEP.

Fortunately, you have control over the security of your own home network, where you can use WPA or WPA2 to keep yourself safe. Unfortunately, the same cannot be said for most public wifi hotspots. Many do not offer any security at all for your communication. That information is often buried in that “I agree” stuff that you probably don’t read. The best way to protect your information at hotspots is to use a Virtual Private Network, or VPN, which encrypts the data moving to and from your laptop. Most large companies have a company-supported VPN to protect corporate communications. PRIVATE WiFi™ provides the same capability for individuals, business travelers, and small and medium-sized enterprises.


Jared Howe

Jared Howe is PRIVATE WiFi’s Senior Manager, Product Marketing Communications. Working in high tech for over 15 years, Jared currently lives in Seattle with his wife, daughter, and their two cats.