Nowadays wireless network has become an essential utility in our daily life, ranking up there with studying, working, entertainment as a 'must have' in our lives. But do you know how many types of wifi security? And which is the best practical choice for your home wireless security?
Let’s learn some of the basics of WiFi security.
Types of Wireless Security
- WEP
WEP (Wired Equivalent Privacy), the grandfather of wireless security types, is a security algorithm for IEEE 802.11 wireless networks. Introduced as part of the original 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wired network. When a client (like a laptop or iPad) connects to a WEP-protected network, the WEP key is added to some data to create an “initialization vector”, or “IV” for short. Because RC4 is a stream cipher, the same traffic key must never be used twice. The purpose of an IV, which is transmitted as plain text, is to prevent any repetition, but a 24-bit IV is not long enough to ensure this on a busy network. The way the IV was used also opened WEP to a related key attack. For a 24-bit IV, there is a 50% probability the same IV will repeat after 5000 packets.
WEP is not the correct choice for securing your network, and in light of this, other types of wireless security were created.
- WPA
WPA(WiFI Protected Access) was ratified by the WiFi Alliance in 2003 as a response to the insecurities that were discovered in WEP. This new security standard, the Temporal Key Integrity Protocol (TKIP), included several enhancements over WEP, including a new message integrity check nicknamed “Michael.”
While Michael offered a great deal of improvement over the old way of securing networks, there was still some worry about some security issues with using a similar (though much stronger) implementation.
- WPA2
WPA2 (Wi-Fi Protected Access 2) was introduced in 2002 due to the concerns about Michael. At the center of WPA2 is its use of a security protocol based on Advanced Encryption Standard (AES), the U.S. Government’s preferred choice of encryption. As it stands now, the only people who should still be using TKIP on a wireless network are those who are dealing with hardware that is rated for 802.11g only.
- WPS
WPS (WiFi Protected Setup) was introduced in 2006. the goal of the protocol is to allow home users who know little of wireless security and may be intimidated by the available security options to set up Wi-Fi Protected Access, as well as making it easy to add new devices to an existing network without entering long passphrases.
With this type of security, a user is able to add new devices to their network by simply pushing a button (within administration software or physically on the router) and then typing in an 8-digit PIN number on the client device. The eighth and final digit of the PIN number is a checksum, which is used to make sure the 7 digits that matter don’t get corrupted. But When a PIN is being examined by the AP, the first 4 digits (10,000 possibilities) are checked separately from the last 3 digits (1,000 possibilities). This translates into a malicious user only needing to make at most 11,000 guesses, which a computer can handle in a matter of hours!
Wi-Fi Security Best-Choice
- Don't use WEP, which is easy to crack
- Don't use WPA, unless legacy devices on your network require it
- Don't use WPS, which can easily be brute-forced
- Do use WPA2 with a strong passphrase