Wireless Security: WEP and WPA
I have written several posts with regards to securing your wireless network connection. In many of those posts I have talked about choosing WPA over WEP, and briefly explained why I do that. In a post titled Network Glossary of Terms I provided a simple definition for both security protocols.
I have decided to expand on those definitions by providing a more information post about WEP and WPA. Hopefully, this post will help you better understand how a wireless network is secure.
About Wireless Network Security
Networks have been around for many years, and with the advent of broadband Internet connections, they have also appeared in homes. Many of these networks were simple LANs with probably two computers connected by a cable. All that was really needed was applying security within the operating system, a software and hardware firewall and all was good. Unless someone connected directly into your network using a cable, your network was relatively safe and secure.
For the past many years, however, many of these networks have included a laptop or desktop with a wireless connection. Wireless now allows users to connect to the Internet from anywhere in their home with the need to connect using a cable. One security problem was created: the wireless signals are broadcasted over radio signals that allow anyone with a wireless network adapter to easily connect.
To secure these wireless connections, some security protocols were created to prevent unauthorized users from accessing the network. These security protocols are known today as WEP, WPA and now WPA2.
Wired Equivalent Privacy (WEP)
In September 1999 a set of wireless connection standards was ratified and was given the name IEEE 802.11. These standards included the WEP encryption protocol as the means of protecting data over a wireless connection.
Back in 1999, the US Government placed restrictions on the key size for encrypting data. This allowed only 64 bit WEP encryption, which uses a 40 bit key included with a 24 bit initialization vector (IV). Since that time the restrictions have been removed and a 128 bit (140 bit key size) WEP key has been used. This is usually entered as 26 hex characters (4 bits) by the user (26 times 4 bits is 104 bits). Using 128 bit keys is known as WEP2.
WEP works by encrypting each frame of the payload before transmission. WEP concatenates the key supplied by the user with the random-generated 24 bit IV. The IV can be changed for each frame, although it is not required under IEEE 802.11. The resulting "seed" is then inputed into a random number generator to produce a keystream equal to the length of the frame’s payload and a 32 bit integrity check value (ICV).
Before transmitting the data, the keystream and the payload/ICV is combined through a bitwise XOR process to produce cyphertext (encrypted data). The IV is included in the first few bytes of the frame body, and is not encrypted. The client then uses the IV and the shared key to decrypt the payload data.
Security Issues with WEP
You may have heard that there is a security problem with WEP encryption. The first problem with WEP is the relative small size of the IV and keys. Since only 24 bits are used for the IV, WEP can eventually use the same IV for different packets. This can be more of a problem on a busy wireless network. If a hacker were to capture enough of the frames that include the same IV, they can then determine the shared keys that are among the frames. This can then lead to the hacker decrypting the data.
Another problem with WEP is the static shared keys. Administrators can use the same shared keys for weeks, months, and even years at a time. This can give a hacker plenty of time to determine the shared key and then compromise your wireless network.
To solve these issues, a new security protocol was developed called WPA.
Wi-Fi Protected Access (WPA/WPA2)
In response to the weaknesses of the WEP security protocol, the Wi-Fi Alliance created Wi-Fi Protected Access or WPA. Based on a draft 3 of the IEEE 802.11i standard, WPA is designed to enable standard-based security on wireless networks for products that pre-date the IEEE 802.11i standard.
There are several differences between WEP and WPA. For one, WEP uses 128 bit keys with 24 bit IV, while WPA uses 128 bit keys with a 48 bit IV. WPA uses the Temporal Key Integrity Protocol (TKIP), which dynamically changes keys as the system is used. The combination of the larger IV and TKIP makes WPA more secure than WEP.
Once the 802.11i standards were released all mandatory elements were implemented in WPA2. This also includes a new algorithm called AES-based (Advanced Encryption Standard) that is considered to be fully secure. Unlike WPA, WPA2 may not be supported by older network devices, but they may be compatible after a device driver update.
For home users the most important aspect to setting up WPA security is to create a passphrase. This passphrase must be entered by every client who wishes to access your wireless network. Unlike passwords, a passphrase must be between 8 and 63 characters in length. The close a passphrase is to 63 characters, the more secure it will be.
This post provided an overview to WEP and WPA/WPA2. If your wireless router allows you to set WPA then you should choose WPA over WEP. If you don’t have the option to set your router to WPA, then you should choose WEP as some security is better than no security.