blackbar
idcloak on Google+
IDCLOAK KNOWLEDGE CENTER
 

FREE WEB PROXY

More options
Proxy server settings:



 

What's the difference between WEP. WPS and WPA2?

to_the_top_navigation

What's the difference between WEP, WPA, and WPA2?



Descriptive Image
globe

WEP, WPA and WPA2 are all wireless Internet security protocols. These are important in establishing a proper level of protection while you browse the web and perform sensitive transactions or send personal information from a wireless Internet device. These standards work by encrypting your data when it passes from your computer to the router (the information in your "network") and makes it secure so that anyone who attempts to intercept your information won't be able to read it and use it for malicious purposes. These three wireless Internet protocols were all developed subsequently, building off of and fixing the weaknesses of the previous one. The encryption algorithms for WiFi have made such dramatic progress that the first of these Internet protocols, WEP, is not recommended for use by any security expert because of its serious weaknesses. Let's look at the differences between all three in order to better understand why one is more secure than the other and to help you understand which one to use when configuring your wireless Internet device.

WEP Wired Equivalent Privacy

The first of the Internet security protocols, WEP, was meant to establish basic security for a wireless Internet connection. It possesses two very basic authentication methods, and a weak encryption algorithm. These lack the proper sophistication to hold up against the most amateur attack, and if an individual's router or device is configured using WEP, his or her connection can be cracked within minutes. The WiFi Alliance mandated improvements on WEP's weaknesses, and now all security experts warn against its vulnerabilities. Unfortunately, it is still the first security standard choice presented for configuration on a lot of wireless devices and remains in use mostly for compatibility reasons.

WPA WiFi Protected Access

WPA was created to address the serious weaknesses in WEP. WPA processes more protocols such as a better cipher for providing stronger encryption with a longer key length. Currently it's the most popular security standard chosen for configuring new wireless devices. Because it was introduced years later than WEP and right when WiFi was becoming increasingly popular, it is guaranteed to be on routers and most other wireless devices produced from 2003 onwards.



WPA2 WiFi Protected Access 2

Just as with WEP, WPA was found to have (slight) weaknesses, which could lead to intercepted wireless data. Therefore the WiFi Alliance developed an even stronger Internet security standard, producing WPA2. Although the most secure option of all three protocols, WPA2 is the least compatible with wireless devices because of the need to support additional capabilities, like RSN (Robust Security Network.) Because this is the most secure protocol, almost all new devices will or already have the capability, including iPhones and Android. WPA2 uses stronger integrity checks and Advance Encryption Standards (AES) which are different from WPA. That is, the encryption process and authentication is extremely complex, meaning it is nearly impossible to crack WPA2.

Conclusion

Most manufacturers have turned off the option for WEP, or at the least disabled the automatic configuration. However, it continues to be one of the protocols offered because of its universal compatibility with devices, and the thought is that some type of encryption is better than nothing. Sometimes in older wireless hardware home owners forget to configure any type of protocol, (before WEP was automatic) leaving them completely exposed.

When Google Street View captured personal information from unsecured wireless connections, it was precisely because of this. Make sure you're configuring your router with the strongest wireless standard, and if you're using multiple routers on one network, such as in an office, WPA2 is far superior to WPA.

Written by: 
Robin Welles; expats team, internet security team