Computer Tips : WEP vs WPA
WEP (Wired Equivalent Privacy) is the first security mechanism that was embedded on wireless devices. After major flaws were found in its design, people hurried to find a replacement security mechanism to protect the networks that are already using wireless. The end result was WPA or Wi-Fi Protected Access which used the Temporal Key Integrity Protocol or TKIP to encrypt the data.
Wired Equivalent Privacy, commonly called WEP is 802.11's first hardware form of security where...
both the WAP and the user are configured with an encryption key of either 64 bits or 128 bits in HEX. So when the user attempts to authenticate, the AP issues a random challenge. The user then returns the challenge, encrypted with the key. The AP decrypts this challenge and if it matches the original the client is authenticated. The problem with WEP is that the key is static, which means with a little time and the right tool a hacker could use reverse-engineering to derive the encryption key. It is important to note that this process does affect the transmission speed.
The University of California at Berkley and the University of Maryland performed studies on WEP and found that they could typically decrypt a WEP key in at least 8 hours to several days. A more recent study by AT&T Labs outlines a modification of this technique that enables retrieval of the network key in fifteen minutes or less! Even more recently the FBI demonstrated the 3-minute WEP crack. Why is this scary? It's scary because this means that an attacker can have unrestricted access to the networks resources within minutes!
The next generation of hardware security is Wi-Fi Protected Access commonly know as WPA. WPA solves WEP's static encryption key issue. WPA uses a Temporal Key Integrity Protocol (TKIP), which changes keys with every data packet. It also includes message-integrity checks that guard against forged packets. Of course WPA is not without flaw, for increase security we sacrifice more of our speed! Another weakness with WPA exists when the home version is used, which utilizes a shared pass phrase. If the user chooses a pass phrase that might be found in the dictionary and/or uses a pass phrase that is less then 21 characters, WPA can be cracked using a brute force dictionary attack.
Wired Equivalent Privacy, commonly called WEP is 802.11's first hardware form of security where...
both the WAP and the user are configured with an encryption key of either 64 bits or 128 bits in HEX. So when the user attempts to authenticate, the AP issues a random challenge. The user then returns the challenge, encrypted with the key. The AP decrypts this challenge and if it matches the original the client is authenticated. The problem with WEP is that the key is static, which means with a little time and the right tool a hacker could use reverse-engineering to derive the encryption key. It is important to note that this process does affect the transmission speed.
The University of California at Berkley and the University of Maryland performed studies on WEP and found that they could typically decrypt a WEP key in at least 8 hours to several days. A more recent study by AT&T Labs outlines a modification of this technique that enables retrieval of the network key in fifteen minutes or less! Even more recently the FBI demonstrated the 3-minute WEP crack. Why is this scary? It's scary because this means that an attacker can have unrestricted access to the networks resources within minutes!
The next generation of hardware security is Wi-Fi Protected Access commonly know as WPA. WPA solves WEP's static encryption key issue. WPA uses a Temporal Key Integrity Protocol (TKIP), which changes keys with every data packet. It also includes message-integrity checks that guard against forged packets. Of course WPA is not without flaw, for increase security we sacrifice more of our speed! Another weakness with WPA exists when the home version is used, which utilizes a shared pass phrase. If the user chooses a pass phrase that might be found in the dictionary and/or uses a pass phrase that is less then 21 characters, WPA can be cracked using a brute force dictionary attack.
