compnetworking about wireless security

Link Address: http://compnetworking.about.com/od/wirelesssecurity/f/what-is-wpa2.htm

WEP - Wired Equivalent Privacy

Definition: WEP is a standard network protocol that adds security to 802.11 Wi-Fi networks at the data link layer (OSI model Layer 2). WEP was designed to give wireless networks the equivalent level of privacy protection as a comparable wired network. However, the underlying technology behind WEP has been demonstrated to be relatively insecure compared to newer protocols like WPA.

WEP utilizes a data encryption scheme called RC4 with a combination of user- and system-generated key values. The original implementations of WEP supported encryption keys of length 40 bits and 24 additional bits of system-generated data (64 bits total). In an attempt to increase protection, these encryption methods were extended to support longer keys including 104-bit (128 bits of total data), 152-bit and 256-bit.

When communicating over a Wi-Fi connection, the protocol encrypts the data stream using these keys so that it is no longer human readable but still can be processed by receiving devices. The keys themselves are not sent over the network but rather are generally stored on the wireless network adapter or in the Windows Registry.

WEP represents just one element of an overall wireless network security strategy.

WPA - Wi-Fi Protected Access

Definition: WPA is a security technology for Wi-Fi wireless computer networks. WPA improves on the authentication and encryption features of WEP (Wired Equivalent Privacy). In fact, WPA was developed by the networking industry in response to the weaknesses of WEP.

WPA provides stronger encryption than WEP through use of either of two standard technologies: Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES). WPA also includes built-in authentication support that WEP does not offer. Overall, WPA provides comparable security to VPN tunneling with WEP, with the benefit of easier administration and use.

A variation of WPA designed for use on home networks is called WPA Pre Shared Key or WPA-PSK for short. WPA-PSK is a simplified but still powerful form of WPA. To use WPA-PSK, a person sets a static key or passphrase as with WEP. But, using TKIP, WPA-PSK automatically changes the keys at a preset time interval, making it much more difficult for hackers to find and exploit them. Another variation of WPA called WPA contains other technical enhancements.

What Is WPA2?

 WPA2 is a security technology commonly used on Wi-Fi wireless networks. WPA2 (Wireless Protected Access 2) replaced the original WPA technology on all certified Wi-Fi hardware since 2006 and is based on the IEEE 802.11i technology standard for data encryption.

WPA2 Keys

Several different forms of WPA2 security keys exist. WPA2 Pre-Shared Key (PSK) utilizes keys that are 64 hexadecimal digits long and is the method most commonly used on home networks. Many home routers call WPA2 PSK as "WPA2 Personal" mode; these refer to the same underlying technology.

WPA2 vs. WPA vs. WEP

Wireless Protected Access was designed as a replacement for the older and less secureWireless Encryption Protocol (WEP). WPA2 should be used instead of WEP whenever possible on home computer networks.

WPA2 also improves the security of Wi-Fi connections by requiring use of stronger wireless encryption than what WPA requires. Specifically, WPA2 does not allow use of an algorithm called TKIP (Temporal Key Integrity Protocol) that has known security holes (limitations) in the original WPA implementation.