To WEP or Not to WEP: Is WPA Really Better Than WEP?
Not all of us are networking experts. For some of us the whole concept of securing a wireless network connection is like reading greek. Well you know what? You don't need to have a degree in computer science to understand how wireless security in a wireless network works, or to understand the difference between WEP, WPA or WPA2. If you know some basic knowledge about it, that should be enough to help you set up a secured wireless network.
Let me start by explaining a bit about networking. A network is basically when you have a group of computers that are working together with the intention of sharing information. Technically there are different types of networks, and they are categorized by either topography, network architecture, scale and connection method. If you wish to learn more about networking and types of networking you can always check wikipedia for further information.
What we are concerned here is the network that requires a router and more specifically the wireless part of it. The router is the device that makes IP address sharing possible with more than one computer. The IP address is basically what you are paying for when you are subscribed to ISP's or internet providers in the same way that the telephone number is what you are paying for when you are subscribed to mobile or landline phone providers. Routers are designed with a NAT technology which is what makes it possible to convert the IP address from your internet provider or your Public IP address into a sort of extension number generally known as Private IP address. Most routers private IP addresses are in the range of 192.168.1.1 or 192.168.2.1.
You can connect computers to the internet via routers either through a wired connection or wireless network connection. Once the wireless feature of your router is activated and it is broadcasting it's network name or SSID almost anyone within range can tap into your wireless network, unless of course you have your network secured. Securing a wireless network means configuring it with a security key or passphrase which most people refer to as a password. There are a lot of ways of securing a wireless network, for the moment however we will only focus on the two most commonly used: WEP and WPA.
WEP vs. WPA
WEP and WPA are the two types of encryption techniques used to secure a wireless network. What we are trying to do here is gain a basic understanding of how these two encryption techniques work and the pros and cons of using WEP over WPA or vice versa.
WEP or Wired Equivalent Privacy
WEP or Wired Equivalent Privacy was the first type of encryption used in wireless network connections before WPA entered the picture. From the name itself, we may understand that WEP was designed to provide its users a degree of security equal to a wired connection. Why wired connection? Because a wired connection is basically what most technicians consider to be the most secured type of network connection. No hackers, no cracks can be used to overcome a connection that needs a cable to work. Whoever wants to intrude would need physical access to your computer.
When you configure a router you are usually given a choice between a 64 bit WEP encryption or 128 bit WEP encryption. If you choose the 64 bit WEP you will be required to think of a 10 digit hex combination and if you choose 126 bit WEP you will be asked to think of 26 combinations. When we say hex it means you are only allowed to use letters from A-F and numbers 0-9. Most people would find this tedious so you could either use all numbers in a combination that is easy to remember like your phone number for example or just 1234567890. However if you are trying to secure a wireless network, I recommend trying to use a combination which would be a little bit harder to guess. Another method would be to input a passphrase which would automatically generate a combination of hex codes for you. This is what they would refer to as the dynamic WEP.
The main weakness of a WEP security is its static hex code and lack of authentication. What you input on your router's page will remain the same unless you change it again. This makes it easy for hackers to figure out your security code by "listening" to your network traffic. This was a huge concern for large organizations with sensitive information that needed protection. The Wi-fi Alliance considered the WEP security to be not secured at all and does not recommend its use on any network. There are however some of us who might still be using computers or wireless devices that are only compatible with WEP. In such cases what you could probably do is try to change the WEP encryption code every now and then. After all any security is better than no security at all.
WPA or Wi-fi Protected Access
Since October of 2003 the Wi-fi alliance has made it mandatory for wi-fi devices to be compatible with WPA or Wi-fi Protected Access which uses the TKIP encryption and in September of 2004 they introduced the WPA2 which uses the AES encryption. By 2006, the Wi-fi Alliance requiered all Wi-fi Certified products to support WPA2. The TKIP or Temporal Key Integrity Protocol and AES or Advanced Encryption Standard are the encryption techniques which replaced the static WEP. Both generate keys that are dynamic, meaning these keys change on its own within a specific time frame which makes it difficult for hackers to crack the encryption code. AES made it even more harder in that it incorporates block ciphers or codes in 3 block sets, and these ciphers or codes are needed both to encrypt and decrypt data that's being passed through a WPA2 secured wireless network.
In other words, while the static WEP code makes it vulnerable to intrusions, the TKIP and AES encryption technologies of WPA and WPA2 respectively make it harder for hackers to crack because of its continously changing encryption codes and even a ciphered one in the case of AES in WPA2 which means that after figuring out the dynamic code, hackers will still need to decipher each cipher block and before they can do that the code would have changed again.
WPA has many advantages over WEP, indeed technology wise WPA is well advanced. The Wi-fi alliance recommends that users make use of the WPA2 even more so than WPA to secure their wireless networks be it enterprise or home networks. Unfortunately there are some cases when technology doesn't always work as they should be. Security wise, yes we should always use what's best out there, however some of our devices might not work well with new technology. In cases like these we might have to conceed to using WEP. In the end it's a choice of whatever will work best with the technology available to us