What Are WEP, WPA, TKIP, AES and PSK?
As you may know these are all acronyms to do with encryption used in wireless networking.
Nowadays most households have a wireless router so all family members can visit the internet.
You may even have a wireless printer attached. Your computers all need wireless access but
you don't want to give access to just anyone nearby. Hence, you need encryption. But what are
all these weird options? Here is an explanation of each encryption type, what it does and its advantages.
WEP (Wired Equivalent Privacy) is an old encryption type. It's used extensively in wireless
networking even though it's quite easy to hack into. It is the default encryption on many wireless
routers and as a result it is currently the most commonly used. Use this if you are not too
worried about a geek hacking in and stealing your internet connection. The chances are small.
Otherwise go for something better.
WPA (Wi-Fi Protected Access) addresses the shortcomings of WEP and is much more difficult
to hack. WPA came out around 2002. The geek next door may take 10 minutes to hack your WEP,
but may take a day or two to hack WPA. WPA was the interim format while WPA2 is the final,
more secure, version.
TKIP (Temporary Key Integrity Protocol) is used within WPA above. This solution is very
hard to hack but there is a flaw in the encryption which presents a slight vulnerability. The
great thing about TKIP is it is compatible with older hardware (pre 2003 wireless network cards).
AES (Advanced Encryption Standard) is not compatible with pre 2003 hardware but is almost
impossible to hack if a good key/passphrase is chosen. AES has been adopted by the US
government as their standard encryption. It is the used in the final version of WPA (WPA2).
All of the above use PSK (Pre Shared Key) which just means you have chosen a passphrase
or key that will be known by the router and the computer to connect each other.
I mentioned earlier that with AES you have to choose a good key or passphrase. This is
essential to thwart Brute Force attacks where a hacker tries millions of different keys in the hope
that one works. Your passphrase or key should be random and contain a mix of letters and numbers.
This applies to all of the above encryption formats if you are worried about being hacked.
For the average home owner with a few laptops and PC's of varying age WEP is a perfectly
acceptable solution. The chances of some nerd being interested in hacking your password is
minimal. Even if he/she does they will only be able to steal some of your bandwidth. As they
say if it all works don't fix it. Business users with sensitive data should not use WEP for
the reasons outlined above. You may not think your data is that important but customer lists
with working emails are worth big bucks to unscrupulous marketers.
If you think you need to change your wireless encryption it's really quite easy. In your
internet browser type in the IP address of your router. This is usually 192.168.1.1 or 192.168.2.1
or 192.168.11.1 depending on the manufacturer. You should be required to enter a password to
gain access to the router settings. If no password is required you must set one in the router
configuration menu. With no password set anyone can get into your router and start messing
with the configuration.
Next look at the wireless encryption settings and follow the instructions. Once changed
you will have to make the same change to each device that uses the network and give them the
new key/passphrase (PSK). Hope this helps!
Rory Cain is an engineer currently specialising in computer repair in Vancouver BC.
[the website www.vanpcsystems.com cannot be found].
More Windows Administration Information:
• Top Tips To Secure Your Online PC
• Video - Protect Your Files with Free SafeHouseExplorer Encryption Application
• Firefox Security Options
• Computer Architecture, Software and Firmware, and the CISSP Exam
• Has Malware Turned Off Your PC's User Account Control?
• Beginner's Guide to Computer Forensics
• Social Engineering Attack Counter Measures
• PC Chassis Intrusion Detection
• Computer Architecture, Hardware domain of the CISSP Exam
• Turn On Your Browser's Phishing Filter