Understanding security algorithms can be confusing. No matter how tech-savvy you get, there’s a high chance that you probably find all the security protocol acronyms a little bit puzzling.
Read on as we highlight the differences between protocols like WEP, WPA, and WPA2—and why it matters which acronym you slap on your home Wi-Fi network.
Why Should You Know About These Protocols?
Knowing about these protocols help you make decisions regarding your online security. These security protocols and security certification programs developed by the Wi-Fi Alliance are there to secure wireless computer networks.
By keeping yourselves updated regarding security protocols, it’s clear that no one can fool you. Plus, it’s good to know a thing or two about how the internet works.
WEP, WPA, WPA2 Security Protocols
Back when the first consumer wireless networking devices were introduced in the late 1990s, they came with a technology called WEP. Since then, Wi-Fi security protocols have undergone multiple upgrades, with the outright deprecation of older protocols and significant revision to newer protocols.
A quick walkthrough of the history of Wi-Fi security assists to focus both what’s happening out there in the world of the internet right now and why you should keep away from older security protocol standards.
WEP, also known as Wired Equivalent Privacy is by far the most widely used Wi-Fi security protocol in the world. It was formally approved in September of 1999.
The initial versions of WEP weren’t secure in nature, due to restrictions laid out by the U.S. government which restricted manufacturers to export various cryptographic technology to only 64-bit encryption.
However, when the restrictions were lifted, the technology was increased to 128-bit. While there’s 256-bit WEP available in the market, 128-bit remains one of the most common security protocol.
In spite of several revisions made to the security protocol, including an improved key size, multiple security flaws have been discovered in the WEP standard. As technology progresses, so does the scope of exploiting weaknesses in security protocols.
Since its introduction, WEP has been criticized for its vulnerabilities and by 2005, the FBI made a public demonstration in hopes of increasing awareness of WEP’s flaws where they cracked WEP passwords in minutes using freely available software.
Regardless of countless advances made to WEP infrastructure, it remains a highly vulnerable security protocol. Devices that are using WEP should most definitely be upgraded or replaced. The Wi-Fi Alliance officially retired WEP in 2004.
Wi-Fi Protected Access (WPA) was given birth due to the ever-increasing and obvious weaknesses discovered in WEP. WPA was officially approved in 2003, a year before WEP was formerly retired.
The widely used WPA configuration is known as WPA-PSK (Pre-Shared Key). WPA uses 256-bit, which is a substantial increase from just 64-bit and 128-bit keys used by WEP.
WPA came packed with significant changes that improved the overall security of information that passes through devices. WPA can check if an attacker has captured or altered packets passed from your device over to the internet. WPA also used the Temporal Key Integrity Protocol (TKIP), which was later superseded by Advanced Encryption Standard (AES).
Despite what a significant improvement WPA was over WEP, the ghost of WEP haunted WPA. TKIP, a core component of WPA, was designed to be easily rolled out via firmware upgrades onto existing WEP-enabled devices. As such, it had to recycle certain elements used in the WEP system, which, ultimately, were also exploited.
WPA, like its predecessor WEP, has been shown via both proof-of-concept and applied public demonstrations to be vulnerable to intrusion. Interestingly, the process by which WPA is usually breached is not a direct attack on the WPA protocol (although such attacks have been successfully demonstrated), but by attacks on a supplementary system that was rolled out with WPA—Wi-Fi Protected Setup (WPS)—which was designed to make it easy to link devices to modern access points.
WEP vs. WPA
|Stands for||Wireless Encryption Protocol||Wi-Fi Protected Access|
|What is it?||A security protocol developed by the Wi-Fi Alliance in 1999. It was intended to secure wireless networks.||A security protocol developed by the Wi-Fi Alliance in 2003 for use in securing wireless networks; designed to replace the WEP protocol.|
|Methods||WEP was the first and most common security protocol intended to secure wireless networks against intruders.||As a temporary solution to WEP’s problems, WPA still uses WEP’s insecure RC4 stream cipher but provides extra security through TKIP.|
|Uses||Wireless security through the use of a password|
WEP and WPA Vulnerabilities
As with any internet protocol that is heavily targeted, WEP and WPA are no different. Cybercriminals are continually targeting security protocols and hacking vulnerabilities to infiltrate on your internet activities.
The most notable, KRACK, was a WPA security vulnerability. Serious weaknesses have been discovered in WEP and WPA. Flaws found in these security protocols which are intended to secure us is a significant cause of concern.
The weakness means that all devices are vulnerable to hackers who are eagerly waiting on picking up any information which is flowing in and out of devices such as laptops, cell phones, smart home devices and anything else that is connected to a Wi-Fi network.
Best Wi-Fi Security Practices
You setup a Wi-Fi device in your home to get swift access to the internet at each corner of your house, don’t let Wi-Fi provide hackers with a backdoor into your Wi-Fi network. Here are a few tips to make your wireless network more secure.
- Use stronger encryption
256-bit Advanced Encryption Standard is the way to go forward.
- Use a WPA secured network
Ensure that you choose an alphanumeric password that’s hard to guess.
- Provide a separate network for guests
Dedicate a separate network for outsiders so that your internal communications are secure.
- Mask your network name
By hiding your SSID, you’re making it not only hard but impossible for strangers to connect to your network.
- Use a VPN
A VPN for your WiFi device is an all-inclusive solution to your internet nightmares. With state-of-the-art encryption algorithms and a secure VPN tunnel that masks your online activities, your digital identity is secured at all times.
Read more on ways to secure your Wi-Fi network.
WPA 2 and WPA 3 Security Protocols
|Stands for||Wi-Fi Protected Access 2||Wi-Fi Protected Access 3|
|What is it?||A security protocol developed by the Wi-Fi Alliance in 2004 for use in securing wireless networks; designed to replace the WEP and WPA protocols.||Officially released in 2018, WPA3 is the next generation of WPA and offers enhanced security features. It protects against weak passwords that can be cracked relatively easily via guessing.|
|Methods||Unlike WEP and WPA, WPA2 uses the AES standard instead of the RC4 stream cipher. CCMP replaces WPA’s TKIP.||128-bit encryption in WPA3-Personal mode (192-bit in WPA3-Enterprise) and forward secrecy. WPA3 also replaces the Pre-Shared Key (PSK) exchange with Simultaneous Authentication of Equals, a more secure way to do an initial key exchange.|
|Secure and Recommended?||WPA2 is recommended over WEP and WPA and is more secure when Wi-Fi Protected Setup (WPS) is disabled. It is not recommended over WPA3.||Yes, WPA3 is more secure than WPA2 as its primary intention is to increase cryptographic strength.|
Which Security Protocol Is Best For You?
All in all, WPA3 promises to keep your internet activities secure especially IoT devices. While it will take a while for WPA3 roll out fully, the important thing is that the transition process has begun. This means safer, more secure Wi-Fi networks in the future.