Wi-Fi Protected Access

Wi-Fi Protected Access (WPA) is a security standard to secure computers connected to a Wi-Fi network. Its purpose is to address serious weaknesses in the previous system, the Wired Equivalent Privacy (WEP) standard.

Wi-Fi Protected Access (WPA) and WPA2 are concurrent security standards. WPA covered the majority of the IEEE 802.11i standard, and the WPA2 certification achieved full compliance. However, WPA2 will not work with some older network cards, hence the need for concurrent security standards.

Wi-Fi Protected Access included a 128-bit “temporary key integrity protocol” (TKIP), which dynamically produces a new key for each data packet; WEP had only a smaller 40-bit encryption key, which was fixed and had to be entered manually on wireless access points (APs). TKIP was designed to be used with older WEP devices once their firmware was updated. However, researchers discovered a security flaw in TKIP concerning weaknesses in retrieving the keystream of data packets; it could only encrypt “short” (128 byte) data packets. This caused TKIP to be replaced in WPA2 with the CCMP (sometimes called “AES-CCMP”) encryption protocol, which provides additional security.

Applicable to both WPA and WPA2, there are two versions targeting different users:

  • WPA-Personal was developed for home and small office use and requires no authentication server; each wireless device uses the same 256-bit authentication key.
  • WPA-Enterprise was developed for large businesses and requires a RADIUS authentication server that provides automatic key generation and authentication throughout the entire enterprise.

 
