
The Difference Between WEP and WPA

bwilds | Oct 30, 2007 | Comments (8)

I often discuss why you should use WPA versus WEP, but I thought some of you might be interested in the
differences between WEP and WPA, which may also shed some light on why you'd want to choose WPA
over WEP.

Wired Equivalent Privacy, commonly called WEP, is 802.11's first hardware form of security, where both
the WAP and the user are configured with an encryption key of either 64 bits or 128 bits in HEX.
When the user attempts to authenticate, the AP issues a random challenge. The user then returns the
challenge, encrypted with the key. The AP decrypts this challenge, and if it matches the original, the client
is authenticated. The problem with WEP is that the key is static, which means that with a little time and the
right tool a hacker could use reverse-engineering to derive the encryption key. It is important to note
that this process does affect the transmission speed.

The University of California at Berkeley and the University of Maryland performed studies on WEP and
found that they could typically decrypt a WEP key in anywhere from 8 hours to several days. A more recent
study by AT&T Labs outlines a modification of this technique that enables retrieval of the network key in
fifteen minutes or less! Even more recently, the FBI demonstrated the 3-minute WEP crack. Why is this
scary? It's scary because this means that an attacker can have unrestricted access to the network's
resources within minutes!

The next generation of hardware security is Wi-Fi Protected Access, commonly known as WPA. WPA
solves WEP's static encryption key issue. WPA uses the Temporal Key Integrity Protocol (TKIP), which
changes keys with every data packet. It also includes message-integrity checks that guard against forged
packets. Of course, WPA is not without flaw: for increased security we sacrifice more of our speed!
Another weakness with WPA exists when the home version is used, which utilizes a shared pass phrase.
If the user chooses a pass phrase that might be found in the dictionary and/or uses a pass phrase that is
less than 21 characters, WPA can be cracked using a brute force dictionary attack.
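
To make the pass phrase weakness concrete, here is an added example (not part of the original post) that audits a WPA home-mode pass phrase against the two conditions above and shows the standard key derivation, in which the pass phrase and the network name are the only inputs. The function names and the tiny wordlist are assumptions made for illustration.

```python
import hashlib

# Constructed sample wordlist; a real audit would load a full dictionary file.
SAMPLE_WORDLIST = {"password", "letmein", "sunshine", "dragon", "welcome"}
MIN_RECOMMENDED_LEN = 21  # threshold named in the article


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA-Personal master key.

    Standard derivation: PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations.
    Nothing else is mixed in, so the key is only as strong as the pass phrase.
    """
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def audit_passphrase(passphrase: str, wordlist=SAMPLE_WORDLIST) -> list:
    """Return a list of finding codes; an empty list means no finding."""
    # WPA pass phrases must be 8 to 63 printable ASCII characters.
    if not 8 <= len(passphrase) <= 63 or not all(
        32 <= ord(c) <= 126 for c in passphrase
    ):
        return ["invalid"]

    findings = []
    if len(passphrase) < MIN_RECOMMENDED_LEN:
        findings.append("short")

    # Treat "Sunshine123!" the same as "sunshine": case changes and
    # leading/trailing digits or symbols add very little strength.
    lowered = passphrase.lower()
    core = lowered.strip("0123456789!@#$%^&*._-")
    if lowered in wordlist or core in wordlist:
        findings.append("dictionary")
    return findings


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ["sunshine123", "correct horse battery staple lamp"]:
        print(repr(candidate), audit_passphrase(candidate) or "ok")
    print(derive_pmk("correct horse battery staple lamp", "HomeNet").hex())
```

Because the SSID is the salt, the same pass phrase on a network with a common default name always yields the same key, so changing the default network name helps as well.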
