There are many types of Wi-Fi encryption you can use on modern Internet routers. So which one should you use? Many people don’t even use encryption, and those that do just pick an encryption type at random without knowing what they do. Most encryption types are better than nothing at all, but some are more suitable than others.
For a long time, WEP was considered to be an extremely good method of encrypting wireless connections. The acronym simply means Wired Equivalent Privacy. Originally it was only available in 64-bit configuration, but soon after 128-bit and even 256-bit encryption became available. Entering a 64-bit WEP Wi-Fi key was as simple as choosing a ten character hexadecimal number. Each character represented 4 bits, making 40 bits in total, and then 24 bits were added to complete the 64-bit key. WEP however, was proved to have many flaws mainly involving the short key size, which were relatively easy to crack. WEP also does not provide for security against altered packets – a process where packets of information is intercepted by an intruder and then altered before sending them back, making it look like the intruder is valid user.
These days, WPA (Wi-Fi Protected Access) and WPA2 have completely taken over from the old WEP encryption methods. You’ll probably still find WEP available on most routers, but it’s being phased out and someday it probably won’t be available at all. The main advantage WPA has over WEP is that it employs a powerful new feature called TKIP, or rather Temporal Key Integrity Protocol. TKIP is 128-bit, but instead of the key being static, it generates a new key for every packet of information that is sent, meaning it is a lot more secure. WPA also integrates a method of message integrity checks, used to defeat network attackers intercepting and altering data packets. WPA2 goes even further and replaces TKIP with CCMP. CCMP is an AES based encryption method that is much stronger even than TKIP.
In the home, you’ll probably want to use an encryption method called WPA-Personal. This is sometimes also called WPA-PSK. PSK stands for Pre-Shared Key, and is designed for home users and small offices where a server is not required for authenticating messages. It works by having each wireless device such as a laptop or smart phone authenticating directly with the wireless access point using the same key. Offices and large buildings may employ WPA-Enterprise. You can’t generally use this without a complicated authentication server set-up, but it does provide additional security.
Both WPA-SPK and WPA-Enterprise are available in WPA2, meaning even home users can now benefit from AES encryption over their Wi-Fi connections. All of these methods can transmit data at maximum speed, and you won’t notice any speed differences between each type of encryption. Therefore the recommendation is to use the best encryption you can. This means going for WPA2-PSK where you can in a home environment. There are new and more exotic types of Wi-Fi encryption becoming available, but for now even advanced users will find WPA2 more than adequate for most security applications.
If you are using wireless connections, you may want to check your router to make sure that it does not use encryption that can easily be cracked by users with the right toolset.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.