WEP vs WPA vs WPA2 | Difference between WEP,WPA,WPA2
This page compares WEP vs WPA vs WPA2 and mentions difference between WEP, WPA and WPA2. It describes WEP encryption and WEP decryption block diagram, mentions WEP drawbacks and 802.1x authentication used in WPA. It provides link to AES encryption used in WPA2 algorithm.
Wireless security has been a concern since long due to open air transmission medium used by it. Inspite of many security mechanisms incorporated in wireless, it can never be 100% secure mode of data transmission. There are various wireless networks based on different standard based technologies such as zigbee, GSM, WLAN, Zwave, bluetooth etc. WEP, WPA and WPA2 are encryption algorithms used in WLAN wireless network or wifi network.
WEP Encryption and WEP Decryption
Following are the features of WEP (Wired Equivalent Privacy):
• WEP is symmetric as same keys are used for encryption and decryption.
• It uses 40 bit key for encryption (non-standard versions can use 128 bit or 256 bit) and 24 bit pattern for IV (Initialization Vector).
• It uses RC4 stream cipher to provide confidentiality and CRC polynomial of 32 bit size for data integrity.
• The WEP encryption and WEP decryption process uses simple XOR as explained below.
Figure:1 WEP Encryption Process Block Diagram
The fig-1 depicts WEP encryption procedure.
There are two processes being applied to plaintext in WEP.
One process encrypts the plaintext while the other protects the data from any modification by intruders.
Following are the steps involved in WEP encryption process:
• Encrypt the plaintext using 64 bit key. Here 64 total bits consists of 40 bit secret key and 24 bit initialization vector (IV).
• As shown RC4 uses key value as initial seed and generates PN key sequence.
• The PN key sequence is XORed with data. The resulting encrypted bytes have same length as input data bytes.
• The 4 bytes IV value is added with ciphertext before transmission.
• RC4 algorithm is applied on plain text, ICV and key sequence in order to generate cipher text. This is done to prevent data modification by unauthorized person.
Figure:2 WEP Decryption Process Block Diagram
Following are the steps involved in WEP decryption process:
• IV value from incoming message is used to generate key sequence. It is used to decrypt the incoming message.
• RC4 algorithm is applied to cipher text with key sequence to produce original plaintext as well as ICV.
• New ICV is determined based on received plaintext.
• The algorithm is verified for correctness by comparing new ICV with the one decoded from received data.
• If both new ICV and decoded matches received message is considered to be correct otherwise it will be discarded.
Drawbacks of WEP Encryption Algorithm
Following are the drawbacks of WEP encryption:
• Analysis of captured traffic can reveal shared key used.
• It uses smaller key size of length 40 bits and IV of length 24 bits are more prone to attacks.
• WEP allows NICs to authenticate APs. There is no way by which APs can authenticate the NICs. This leads to possibility by hacker to re-route the data to APs through some alternative un-authorized path or route.
WPA algorithm as described below has beeen developed to overcome the drawbacks of WEP encryption algorithm.
WPA Encryption Algorithm
The major problem with WEP compliant devices is that user either fails to activate WEP or do not change the default password. This leads to easy access for the hacker to wifi link. WPA help avoid this problem by automatically setting the keys after deriving from master key. Moreover WPA changes the keys at regular intervals to provide more robust link. WPA has been developed by the WiFi alliance.
There are two types of WPA algorithm viz. WPA enterprise and WPA personal. WPA enterprise type uses RADIUS server for authentication of users. WPA personal type depends on pre-shared key or password entered by users in the wireless devices. Once password is entered by users, TKIP protocol for periodic changing of the keys automatically.
Following are the features of WPA (Wi-Fi Protected Access):
• WPA provides assurance to users of wifi network that their data remains protected and only authorized persons are using the wifi network.
• WPA makes all the versions of 802.11 devices (e.g. 11a/11b/11g) to be secured and inter-operable.
• It uses dynamic session keys as per TKIP (Temporal Key Integrity protocol).
• TKIP protocol uses key size of length from 40 to 128 bits. It has larger size of keys compare to WEP. Authentication server checks the credentials of users and allows access to only authorized persons. Moreover keys are generated by authentication server and distributed to client (i.e. STATION) and AP (Access Point).
• WPA uses 802.1x authentication with EAP(Extensible Authentication Protocol). EAP handles presentation of credentials in digital certificate forms.
WPA2 Encryption Algorithm
Following are the features of WPA2 encryption algorithm:
• It is basically AES encryption as defined in IEEE 802.11i.
• It has been developed by wifi alliance in association with IEEE community.
Refer AES vs DES➤ and AES matlab code➤ for more information.
Figure:3 802.1x authentication message flow between Station, AP and Authentication server
The IEEE 802.11i defines RSN (Robust Secure Network) mechanism. RSN establishment procedure uses 802.1x authentication as well as key management protocols. There are three systems involved in RSN authentication viz. WiFi STATION, WiFi Access Point and Authentication Server.
There are three steps involved in RSN connection establishement used in WPA2.
-Request, Authentication and Association
-4 way handshake
The same message exchange have been shown in the figure-3 above.
Also refer Check list to protect wifi network➤.
Wireless security Related Links
What is Difference between
difference between FDM and OFDM
Difference between SC-FDMA and OFDM
Difference between TDD and FDD
Difference between 802.11 standards viz.11-a,11-b,11-g and 11-n
OFDM vs OFDMA
CDMA vs GSM
Bluetooth vs zigbee
Fixed wimax vs mobile
wibro vs mobile wimax
Microcontroller vs microprocessor
FDM vs TDM
wimax vs lte
RF heterodyne versus homodyne receiver
white noise Vs. colored noise