WiFi Protected Access (WPA)

As day to day living requires the use of the internet, the service has become more and more in demand. With this, subscribers are inclined to secure the services they pay for so no unauthorized persons can connect and use it. WPA stands for Wi-Fi Protected Access. It is a technology developed to secure internet access for Wi-Fi networks. Prior to this, WEP or Wired Equivalency Privacy was the only security technology available but was later upgraded since its authentication and encryption features were weak.[1]

Since WEP’s flaws were hurting the connection, a need for an alternative was deemed necessary by the Wi-Fi Alliance. Although conflict has risen since writing a new security specification would take up a lot of time and require a careful process. The WPA was released in 2003 as an interim standard to answer the immediate need for a more secure protocol. The Institute of Electrical and Electronics Engineers (IEEE) still continues to work on this long-term.[2] Making use of encryption secures the connection. With this, nobody can access which pages are visited and other information shared.[3]

WPA Configuration

Unlike the 64 and 128-bit keys of WEP, WPA keys use 256-bit keys. Its most common configuration is called the WPA-PSK or WiFi Protected Access Pre-Shared Key. Meanwhile, one of the upgrades provided in WPA was the incorporation of message integrity checks. This determines if someone has intercepted packets while it is being transmitted from an access point to the client.

Another part of the advancement in WPA is the Temporal Key Integrity Protocol or TKIP. This is more secure than WEP's fixed key system since it uses a per-packet system.[4] Advanced Encryption Standard or AES, on the other hand, outdated TKIP. This was primarily used to protect classified data of the US government.

Types of WPA

There are two types of WPA that cater to different users. These are WPA-Personal and WPA-Enterprise.

WPA-Personal

This type is primarily used for small office use and for personal use at home. It doesn’t require an authentication server. A 256-bit authentication key is used for all wireless devices connected.

WPA-Enterprise

As the name suggests, it is primarily used in large businesses. A Remote Authentication Dial-in User Service (RADIUS) authentication server is applied for automatic key generation and authentication.[5]

Security Issues

The management of passwords is a vital part of ensuring utmost security. Even WPA with pre-shared keys can be hacked with improper IT management, although, this does not pose as a weakness in WPA in general.[6]

Pros and Cons

As an interim solution, the WPA is not perfect and has still a lot of room for improvement. Below are the advantages and disadvantages of using WPA security.

Advantages

WPA, unlike its predecessor, radically provides a more secure wireless security. It has additional authentication instead of just the basic encryption provided in WEP. It incorporates the RADIUS servers and allows the administration, logging, and auditing. If you cannot use WPA via a particular device, the WPA computers will communicate using WEP encryption. Another feature is the provision of backward compatible support to devices that are not upgraded. A Certificate Authentication (CA) is executed to block possible hacker’s access to the network. Part of the recommended configurations is the Certificate Authority Server. This is to give WPA computers security in terms of sharing keys with unknown persons or groups.

Disadvantages

Older firmware and operating systems cannot be upgraded to support WPA. WPA software must be present in computers, access points, and wireless adapters for WPA to function. WPA was released in 2003 shortly after WEP. Devices such as computers and routers and other equipment older than 2003 are not upgradable. In whatever version of WPA, for a connection to happen, the wireless access points and network clients must have the same configuration.[7] This is the same as the old WEP security standard. Denials of Service attacks can still happen even with WPA. A complicated setup is necessary and a hassle for typical home users.[8] Transmission time is longer due to the additional packet size. The use of a dedicated WPA hardware will make encryption and decryption will help.

Hardware Requirements

The use of WPA has greatly impacted the degree of security in network connections. Like WEP, WPA's predecessor, it needs physical hardware for the network make-up and can be used beside any 802.11b networks and as well as any 802.11g networks. These include the Wireless Network Interface Cards (Wireless NIC) and the Wireless Access Point (AP/WAP or Wi-Fi Enabled Router).

The Wireless NIC's function is to connect individual systems to a network. The AP/WAP, on the other hand, is used to create infrastructure connections. In addition, the implementation of WPA on the card must be supported in the network adapter driver layer. Drivers can add and or extend support for WPA with a given adapter along with the firmware.[9]

WPA Software Requirements

For WPA to work, it needs several tiers of software support alongside the hardware itself. Communication between the operating system and the driver is where this support will come from.

  • First layer - In the first layer, the compatibility of the driver with the WPA implementation should be maintained.
  • Second layer - For the second layer, the network layer in the OS should support 802.1x security. This is to communicate the WPA security protocol amongst the device driver and the operating system.
  • Third layer - In this layer, the operating system should be able to handle a 128-bit secured key generation, maintenance, and storage. The use of public, private, and private class shared keys of different encryption types must also be supported by the operating system.

Whichever security protocol is used in the company or enterprise, proper management of network shared keys and passwords is one easy way to keep unauthorized access to the network and home group.


  1. https://www.lifewire.com/definition-of-wifi-protected-access-816576 ↩︎

  2. https://searchnetworking.techtarget.com/feature/Wireless-encryption-basics-Understanding-WEP-WPA-and-WPA2 ↩︎

  3. https://help.gnome.org/users/gnome-help/stable/net-wireless-wepwpa.html.en ↩︎

  4. https://www.howtogeek.com/167783/htg-explains-the-difference-between-wep-wpa-and-wpa2-wireless-encryption-and-why-it-matters/ ↩︎

  5. https://www.techopedia.com/definition/4166/wi-fi-protected-access-wpa ↩︎

  6. https://www.networkworld.com/article/2329740/how-can-wpa-be-more-secure-than-wep-.html ↩︎

  7. https://www.xfinity.com/support/articles/wifi-protected-access ↩︎

  8. http://www.informit.com/articles/article.aspx?p=421706 ↩︎

  9. https://www.hpcfactor.com/support/cesd/h/0029.asp ↩︎