Types of Wi-Fi Encryption You Can Use

Melanie Gross
Sep 22, 2011
Updated • Jan 1, 2013
Encryption, Security
|
5

There are many types of Wi-Fi encryption you can use on modern Internet routers. So which one should you use? Many people don’t even use encryption, and those that do just pick an encryption type at random without knowing what they do. Most encryption types are better than nothing at all, but some are more suitable than others.

For a long time, WEP was considered to be an extremely good method of encrypting wireless connections. The acronym simply means Wired Equivalent Privacy. Originally it was only available in 64-bit configuration, but soon after 128-bit and even 256-bit encryption became available. Entering a 64-bit WEP Wi-Fi key was as simple as choosing a ten character hexadecimal number. Each character represented 4 bits, making 40 bits in total, and then 24 bits were added to complete the 64-bit key. WEP however, was proved to have many flaws mainly involving the short key size, which were relatively easy to crack. WEP also does not provide for security against altered packets – a process where packets of information is intercepted by an intruder and then altered before sending them back, making it look like the intruder is valid user.

These days, WPA (Wi-Fi Protected Access) and WPA2 have completely taken over from the old WEP encryption methods. You’ll probably still find WEP available on most routers, but it’s being phased out and someday it probably won’t be available at all. The main advantage WPA has over WEP is that it employs a powerful new feature called TKIP, or rather Temporal Key Integrity Protocol. TKIP is 128-bit, but instead of the key being static, it generates a new key for every packet of information that is sent, meaning it is a lot more secure. WPA also integrates a method of message integrity checks, used to defeat network attackers intercepting and altering data packets. WPA2 goes even further and replaces TKIP with CCMP. CCMP is an AES based encryption method that is much stronger even than TKIP.

In the home, you’ll probably want to use an encryption method called WPA-Personal. This is sometimes also called WPA-PSK. PSK stands for Pre-Shared Key, and is designed for home users and small offices where a server is not required for authenticating messages. It works by having each wireless device such as a laptop or smart phone authenticating directly with the wireless access point using the same key. Offices and large buildings may employ WPA-Enterprise. You can’t generally use this without a complicated authentication server set-up, but it does provide additional security.

Both WPA-SPK and WPA-Enterprise are available in WPA2, meaning even home users can now benefit from AES encryption over their Wi-Fi connections. All of these methods can transmit data at maximum speed, and you won’t notice any speed differences between each type of encryption. Therefore the recommendation is to use the best encryption you can. This means going for WPA2-PSK where you can in a home environment. There are new and more exotic types of Wi-Fi encryption becoming available, but for now even advanced users will find WPA2 more than adequate for most security applications.

If you are using wireless connections, you may want to check your router to make sure that it does not use encryption that can easily be cracked by users with the right toolset.

Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Dan said on September 22, 2011 at 4:24 pm
    Reply

    I was using WPA2 but my Asus router is acting flaky with it enabled and sometimes fail to connect my smartphone and laptop. After downgrading to WPA I never had any more connection problems.

  2. DrTrunks said on September 22, 2011 at 9:45 am
    Reply

    As we all know, a long password (pre-shared key) is very important! You can use WPA2 with a password like 123456789, but you might as well use WEP.

    Even though it may appear like WPA2 is ‘uncrackable’ or that it may take years:
    http://arstechnica.com/old/content/2008/12/gpu-based-wpawpa2-crack-struggles-with-good-passwords.ars
    Hackers nowadays will use graphics card instead of CPU’s (GPU’s get 1,5 times faster as every year). So changing your Wi-Fi password every few months along with your other passwords is a good practice.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.