WiFi Protected Access (WPA) and WiFi Protected Access II (WPA2) are two security protocols and security certification programs developed by the WiFi Alliance to secure wireless computer networks. WPA is a security standard for users of computers equipped with a WiFi wireless connection. It is an improvement on, and is expected to replace, the original Wi-Fi security standard, Wired Equivalent Privacy (WEP). The WPA protocol implements the majority of the IEEE 802.11i standard. Specifically, the Temporal Key Integrity Protocol (TKIP) was brought into WPA. TKIP encryption replaces WEP’s 40-bit or 128-bit encryption key, which must be manually entered on wireless access points and devices and does not change.

Advantages of WiFi Protected Access (WPA) Encryption Algorithm

  • The length of the initialization vector (IV) is 48 bits. This gives you over 500 trillion possible key combinations.
  • The IV is much better protected, with better encryption methods that prevent the reuse of IV keys.
  • Master keys are never directly used.
  • WPA has better key management.
  • Impressive message integrity checking.
  • Wi-Fi has a greater range outdoors and multiple overlapping access points can cover large areas.

Drawbacks/Limitations of WiFi Protected Access (WPA) Encryption

  • Wi-Fi is designed for medium-range data transfers and works up to 250-300 feet from the access point indoors.
  • As the distance between the computer and the access point increases, there will be a tremendous decrease in speed and quality.
  • Wi-Fi doesn’t help when there is interference from microwaves or cordless phones which use the frequency of 2.4 GHz.
  • Thus the security system of Wi-Fi products causes more problems.

Authentication Methods of WiFi Protected Access (WPA) Encryption

  • WPA-Personal – WPA-Personal is also referred to as WPA-PSK [pre-shared key] mode. It is designed for home and small networks and doesn’t require an authentication server. Each wireless network device authenticates with the access point using the same 256-bit key.
  • WPA-Enterprise – WPA-Enterprise is also referred to as WPA-802. It is designed for enterprise networks and requires a RADIUS authentication server. An Extensible Authentication Protocol is used for authentication.

WiFi Protected Access (WPA) Vs WEP (Wired Equivalent Privacy)

WEP’s user authentication is considered insufficient. WEP is still considered useful for the casual home user, but insufficient for the corporate environment where the large flow. WPA was developed in response to serious weaknesses researchers had found in Wired Equivalent Privacy (WEP). WPA provides more sophisticated data encryption than WEP and also provides user authentication. One of the key technologies behind WPA is the Temporal Key Integrity Protocol (TKIP), which addresses the encryption weaknesses of WEP. Another key component of WPA is built-in authentication, which WEP does not offer. With this feature, WPA provides roughly comparable security to VPN tunneling with WEP, with the benefit of easier administration and use. WPA provides “strong” user authentication based on 802.1x and the Extensible Authentication Protocol (EAP). WPA depends on a central authentication server such as RADIUS to authenticate each user. Wi-Fi Protected Access is a subset of, and will be compatible with, IEEE 802.11i (sometimes referred to as WPA2).