Aug 05

WPA is a more powerful security technology for Wi-Fi networks than WEP. It provides strong data protection by using encryption as well as strong access controls and user authentication. WPA utilizes 128-bit encryption keys and dynamic session keys to ensure your wireless network’s privacy and enterprise security.

There are two basic forms of WPA:

• WPA Enterprise (requires a Radius server)
• WPA Personal (also known as WPA-PSK)

Either can use TKIP or AES for encryption. Not all WPA hardware supports AES.

WPA-PSK is basically an authentication mechanism in which users provide some form of credentials to verify that they should be allowed access to a network. This requires a single password entered into each WLAN node (Access Points, Wireless Routers, client adapters, bridges). As long as the passwords match, a client will be granted access to a WLAN.

Encryption mechanisms used for WPA and WPA-PSK are the same. The only difference between the two is in WPA-PSK, authentication is reduced to a simple common password, instead of user-specific credentials.

The Pre-Shared Key (PSK) mode of WPA is considered vulnerable to the same risks as any other shared password system – dictionary attacks for example. Another issue may be key management difficulties such as removing a user once access has been granted where the key is shared among multiple users, not likely in a home environment.

Tags: , ,