1. Menu
WEP vs. WPA vs. WPA2 wireless encryption
By Hack WiFi | November 20, 2013
If you enjoyed t his, please share it wit h ot hers!
Share t his wit h ot hers
Share
These acronyms refer t o different wireless encrypt ion prot ocols t hat are int ended t o prot ect t he
informat ion you send and receive over a wireless net work. These wireless encrypt ion prot ocols
were creat ed by t he Wi-Fi Alliance, an associat ion of over 300 companies in t he wireless net work
indust ry. The first prot ocol t he Wi-Fi Alliance creat ed was WEP (Wired Equivalent Privacy),
int roduced in t he lat e 1990s. WEP, however had serious securit y weaknesses and has been
,
PDFmyURL.com
2. superseded by WPA (Wi-Fi Prot ect ed Access). Despit e being easily hacked, however WEP
,
connect ions are st ill widely in use and may be providing a false sense of securit y t o t he many
people who are using WEP as t he encrypt ion prot ocol for t heir wireless net works (eit her because
t hey haven’t changed t he default securit y on t heir wireless access point s/rout ers or because
t hese devices are older and not capable of WPA or higher securit y).
Just as WPA replaced WEP, WPA2 has replaced WPA as t he most current securit y prot ocol. WPA2
implement s t he lat est securit y st andards, including “government -grade” dat a encrypt ion. Since
2006, all Wi-Fi CERTIFIED product s must use WPA2 securit y. In addit ion t o prevent ing uninvit ed
guest s from connect ing t o your wireless net work, wireless securit y prot ocols encrypt your privat e dat a as it is being t ransmit t ed
over t he airwaves.
Alt hough many of t hese issues have since been addressed, wireless net works are generally not as secure as wired net works. Wired
net works, at t heir most basic level, send dat a bet ween t wo point s, A and B, which are connect ed by a net work cable. Wireless
net works, on t he ot her hand, broadcast dat a in every direct ion t o every device t hat happens t o be list ening, wit hin a limit ed range.
WEP, WPA, and WPA2 wireless security protocols
Wired Equivalent Privacy (WEP): The original encrypt ion prot ocol developed for wireless net works. As it s name implies, WEP was
designed t o provide t he same level of securit y as wired net works. However WEP has many well-known securit y flaws, is difficult t o
,
configure, and is easily broken.
Wi-Fi Prot ect ed Access (WPA): Int roduced as an int erim securit y enhancement over WEP while t he 802.11i wireless securit y st andard
was being developed. Most current WPA implement at ions use a preshared key (PSK), commonly referred t o as WPA Personal, and
t he Temporal Key Int egrit y Prot ocol (TKIP, pronounced t ee-kip) for encrypt ion. WPA Ent erprise uses an aut hent icat ion server t o
generat e keys or cert ificat es. Wi-Fi Prot ect ed Access version 2 (WPA2): Based on t he 802.11i wireless securit y st andard, which was
finalized in 2004.
The most significant enhancement t o WPA2 over WPA is t he use of t he Advanced Encrypt ion St andard (AES) for encrypt ion. The
PDFmyURL.com
3. securit y provided by AES is sufficient (and approved) for use by t he U.S. government t o encrypt informat ion classified as t op secret
— it ’s probably good enough t o prot ect your secret s as well!
Protect Your Ass
At t his point , you have probably not iced several vulnerabilit ies t hat WPA PSK crackers exploit .
You could be a vict im by sharing your net work wit h st rangers, using common passwords or
set t ing your WIFI set t ings for public. There is not hing you can do about some of t hose
vulnerabilit ies. But t here are several st eps you can t ake t o mit igat e ot her vulnerabilit ies and
prot ect your WLAN against WPA PSK crackers.
WPA PSKs are part icularly easy t o guess if you choose a passphrase t hat is composed of word(s) easily found in a password
dict ionary, or words t hat anyone might easily associat e wit h you (e.g., your surname, your pet ’s name).
The st rongest passphrases are not words but randomly-generat ed st rings t hat mix case, let t ers and numbers.
WPA PSKs t hat are t oo short are also much easier t o guess. When configuring a passphrase, t he IEEE 802.11i st andard st rongly
recommends using at least 20 charact ers. If you can’t come up wit h your own long random st rings, t ry a random password generat or
(e.g., keygen, wlankeygen).
Some product s let you configure act ual 256-bit PSK values, rat her t han ent ering t he
ASCII passphrase used t o generat e t he WPA PSK. In a few product s, you can
ent er t he PSK as a hex st ring. In ot hers, pushing a but t on causes t he AP and st at ion
t o derive t heir own random PSK (e.g.,Broadcom SecureEasySet up). In January, t he WiFi Alliance announced Wi-Fi Prot ect ed Set up (WPS), a cert ificat ion program int ended t o
simplify configurat ion — including st rong PSK generat ion.
Given t he exist ence of published WPA PSK lookup t ables for common SSIDs, it can
PDFmyURL.com
4. also be helpful t o give your WLAN a unique SSID. Using a common or default SSID increases t he odds of a successful WPA PSK
dict ionary at t ack against your WLAN.
WPA PSK crackers can be avoided alt oget her by st epping up t o WPA/WPA2-Ent erprise. Small businesses should give t his very
serious considerat ion. Aside from crackers, passphrases have all t he usual password drawbacks, like when workers share your
passphrase or lose a configured lapt op. If 802.1X sounds t oo hard, check out ent ry-level solut ions (e.g., Wit opia SecureMyWiFi,
ZyXEL ZyAir B-1000).
If you enjoyed t his, please share it wit h ot hers!
Share t his wit h ot hers
Share
Google+
Hack WiFi
Fo llo w
6
Category: General WiFi Hacking
← Now Hiring! How t o Become a Wireless Securit y Audit or
Hacking Soft ware for WiFi Securit y Professionals →
Leave a Reply
You must be logged in t o post a comment .
PDFmyURL.com
5. Search
Recent Post s
Kali Linux – Initial Setup and Configuration Guide
Hacking Software for WiFi Security Professionals
WEP vs. WPA vs. WPA2 wireless encryption
Now Hiring! How to Become a Wireless Security Auditor
When WiFi Hacking Fails – DoSing Wireless Networks with MDK3
Hack WiFi with Crunch or Hash Cat – No Dictionaries Needed
Use the Fern WiFi Cracker to crack WEP Encrypted Networks
Battlefield Internet – Cyber Safety Today
MAC Spoofing and Packet Injection
NSA Surveillance – How Do You Feel About Government Spying?
E Safety Online – A Beginners Guide to Online Safety
How to Hack Wifi – Learn How to Do It For Free Here
WiFi Hack – Learn Basic WEP Cracking Free
Hacking Tricks for WPA and WPA2 WiFi Networks
WiFi Password Hack – Advanced Techniques When All Else Fails
Cat egories
Select Cat egory
PDFmyURL.com
6. Pages
About
Contact
Privacy Policy
Terms and Conditions
How t o Hack WiFi
Hacking Software for WiFi Security Professionals
WEP vs. WPA vs. WPA2 wireless encryption
Now Hiring! How to Become a Wireless Security Auditor
When WiFi Hacking Fails – DoSing Wireless Networks with MDK3
Hack WiFi with Crunch or Hash Cat – No Dictionaries Needed
Use the Fern WiFi Cracker to crack WEP Encrypted Networks
Battlefield Internet – Cyber Safety Today
MAC Spoofing and Packet Injection
NSA Surveillance – How Do You Feel About Government Spying?
E Safety Online – A Beginners Guide to Online Safety
PDFmyURL.com
7. The owner of t his websit e, Furious Pinat a, is a part icipant in t he Amazon Services LLC Associat es Program, an affiliat e advert ising
program designed t o provide a means for sit es t o earn advert ising fees by advert ising and linking Free How t o Hack WiFi t o Amazon
propert ies. Copyright 2013
www.freehowt ohackwifi.com
Iconic One Theme | Powered by Wordpress
PDFmyURL.com