Wi-Fi Protected Access 2 (WPA2)

Wi-Fi Protected Access 2 was primarily made as an upgrade from the previous security protocols, namely WEP and WPA. The WPA2 standard included the full security requirements in line with the security standards of IEEE 802.11i.[1] This upgrade delivers more secure network access control and stronger data protection. Upon approval of the IEEE 802.11i specification in July 2004, the WPA2 was released based on the Robust Security Network (RSN) mechanism.[2] The WPA2 supported mechanisms available in the WPA together with a few upgrades as listed below.

  • Provision of stronger support to both infrastructure and ad-hoc networks in terms of encryption and authentication. The previous security protocol (WPA) was only limited to infrastructure networks;
  • Provision of opportunistic key caching. This is to primarily lessen overhead roaming amongst access points;

A mandatory WPA2 certification was ordered by the WiFi Alliance in 2006. This certification ensures that all hardware manufactured from that day on supported the two security protocols, specifically WPA and WPA2.

The use of WPA2 gives WiFi users a higher level of security so that data shared over the network can only be accessed by authorized users. Two versions of WPA2 are available today. One is WPA2-Personal which safeguards the network access by providing a set-up password. The WPA2-Enterprise, on the other hand, authenticates networks users via a server.[3]

Common Issues

Devices such as laptops, tablets, smartphones, and computers do a lot of exchange over the internet. These include online streaming, data and files exchange over WiFi networks. To ensure that these exchanges are safe, security protocols such as WEP, WPA, and WPA2 are used. In this instance, these security protocols are a work in progress, and WPA2 is not exempted from the issues that most security protocols are experiencing. Some of these issues are easy to fix and manageable, below are the different issues and how to solve it.

Drivers

Interaction of computers via a specific hardware component is made possible through hardware drivers. These drivers should be kept up to date for it to run smoothly. Old hardware can still be upgraded depending on the year it was manufactured. WPA2 updates also give support to internal and external wireless cards that didn’t have prior access to it. To connect to a WPA2-secured wireless network, the correct driver must be installed.

Hardware

If the network card is not compatible with WPA2 or does not have a driver update, purchasing a new wireless adapter is the solution. Removable PCI wireless cards are mostly used by desktop computers. Built-in wireless adapters are most commonly found on laptops. Although there is already a built-in adapter, the USB port can still be used by connecting a USB wireless network adapter.

Router Settings

When the previous solutions provided do not work, changing the router setting may address the problem. Checking the router’s manual to modify the settings. To completely verify if the WPA2 is the problem to no connectivity, the user should completely disable the router’s wireless security. Restore wireless security immediately after testing. This is to make sure that no one can have access to your network. Most routers permit automatic connection between WPA and WPA2 compatible devices.[4]

Limitations

WiFi Protected Setup together with WPA2 is supported by most routers in use today. Simplifying the process of home network security is the main role of WPS. Although, it is serving its purpose, there are still flaws on its implementation that are affecting its security.

Attackers that wish to connect to the network need to determine the WPA2 PSK used by the client. This happens when both WPS and WPA2 are disabled. This process is very time consuming and does not work most of the time. If the WPS and WPA2 are enabled, the WPS pin is the only thing that the attacker needs to crack. With this, experts suggest the WPS be always disabled. If both WPA and WPA2 are enabled, interference often happens resulting in connection failures for clients.

The use of WPA2 also entails poor performance in your network connection. This is attributed to the additional overhead load process of encryption and decryption. But this is a small price to pay for a secure connection.[5]

KRACK

Key Reinstallation Attacks (KRACK) is one of the weaknesses revealed in the implementation of WPA2. These weaknesses can be exploited if the attackers are within the network’s range. KRACK is used to gather data previously presumed to be safely encrypted. Among these data and information are passwords, credit card information, emails, photos and even chat conversations. This attack is common in all modern WiFi networks. Another serious flaw of WPA2 is the possibility of manipulation of data by injecting malware and other bugs into the websites.

These weaknesses are observed in the WiFi configuration itself and not it the implementation and products used (e.g hardware and software). Prevention of these attacks is possible by keeping security updates up to date. Every device that uses WiFi is prone to this vulnerability.

Initial research discovered that almost all operating systems and networks such as Apple, Windows, Android, OpenBSD, Linksys, and MediaTek are affected by this, at one point or another. WPA2, although vulnerable to this kind of attack, still is the most reliable security protocol for both private and public networks. Network management should be tightened and properly updated from time to time to avoid any mishap and possible damage.[6]

To mitigate potential damage, all WiFi enabled devices including laptops, smartphones, and tablets should have security updates as soon as it’s available. It is not necessary to change your router’s WiFi network password; however, the data stored is still vulnerable to the attack since the password protection only applies to your router. The devices connected are the ones at risk.[7]

Proper network management is key to keeping unauthorized persons or group from getting access and getting a hold of data shared. One quick tip is to constantly change the network’s password.


  1. https://www.hpcfactor.com/support/cesd/h/0029.asp ↩︎

  2. https://www.networkworld.com/article/2306774/explaining-wpa2.html ↩︎

  3. https://www.webopedia.com/TERM/W/WPA2.html ↩︎

  4. https://smallbusiness.chron.com/problems-accessing-wifi-wpa2-39070.html ↩︎

  5. https://www.lifewire.com/what-is-wpa2-818352 ↩︎

  6. https://www.krackattacks.com/ ↩︎

  7. https://us.norton.com/internetsecurity-emerging-threats-what-to-do-about-krack-vulnerability.html ↩︎