
WEP vs. WPA

At a Glance

WPA was created to replace the older flawed Wi-Fi security standard, WEP. Unless your devices don’t support WPA, there’s no reason not to upgrade.

An unsecured Wi-Fi network is an unacceptable security risk; anyone with so much as a laptop can easily spy on network traffic, read and write shared files and folders, or even exploit security holes in the operating system to compromise your PC. This is why the IEEE 802.11 Wi-Fi standard includes a network security layer; neither WEP nor WPA is a separate product. Both specifications are part of the same standard, every bit as fundamental to it as elements like the radio frequency are. For a layman, the fact that there are two such solutions could be confusing; which do you want to use, if they’re both the “standard” Wi-Fi security algorithm? To understand this, we’ll start with a little history lesson.

History – The Problem With WEP

WEP is an older part of the Wi-Fi specification than WPA; in fact, it dates back to the original 1999 version of the document. It hasn’t changed much since then: it encrypts data using a 40-bit or 104-bit key, joined with a 24-bit initialization vector. That 24-bit initialization vector is the big problem. The same value should never be used twice; in WEP, though, it can be recycled after as few as 5000 packets. The result is that the standard is very easily exploited; WEP security was broken as early as 2001 with the Fluhrer, Mantin, and Shamir attack. Early proof-of-concept attacks developed by cryptographers for demonstration purposes are ordinarily not themselves a real threat to users, but the flaws of the WEP algorithm are severe enough that the same algorithms can be easily implemented by even hobby coders. A WEP key can be retrieved with no more effort than running one script and waiting a minute or two.

Pictured at top: ASUS Gigabit Router

The Origin of WPA

WPA was designed specifically to replace the flawed WEP algorithm. The original WPA standard was put in place in 2003 to provide a functional security system for Wi-Fi as soon as possible; in 2004, this provisional version was replaced with the modern WPA2 standard. WPA2 uses a complex AES-based encryption protocol for optimum data security; AES has been theoretically broken in that a key can be retrieved more quickly than with a brute-force attack, but in practice retrieval of an AES key is still wildly impractical. That means that WPA2 remains secure as of the time of this writing.

What Would I Want With WEP?

Despite the tremendous security advances that WPA has over WEP, there’s still some limited reason to use WEP for security. That comes from the fact that many older devices such as the original Nintendo DS don’t support WPA; if WEP is the only security option that fits the needs of your network, it is better than nothing. Despite its holes, it does require more work than simply connecting to an unsecured network; while anyone who’s serious can get through WEP with ease, it suffices to keep nosy neighbors from using your connection. However, WEP is a deprecated part of the Wi-Fi standard for a reason; absent circumstances that mandate its use, there’s no real advantage over WPA.

What Impact Does Security Have On Network Speed?

This is a popular question, but, really, neither WEP nor WPA adds any noticeable amount of lag to your network. Yes, they perform cryptographic functions with each packet, but the amount by which they slow down the network is minuscule; modern computer hardware performs billions of operations per second, and there’s no noticeable impact from adding a few more for some simple encryption and decryption. WPA is slightly slower than WEP, yes, but you’d have to be watching the bits cycle by cycle in a laboratory setting to tell the difference.