What are WPA and WPA2?

Today we will discuss two security standards that help your wi-fi connection secure and protects you from cybercriminals and hackers. These two standards are WPA and WPA2. WPA stands for Wi-Fi Protected Access, and it provides strong encryption and authentication mechanism while accessing the wireless network, which protects you from bad guys.

What is WPA?

As discussed earlier, WPA stands for Wi-Fi Protected Access. It supersedes the earlier security standard WEP (For more details, refer to an article on WEP). Now, what is WPA? WPA is a security standard developed by the wi-fi alliance, and it provides better encryption and authentication mechanism to secure wireless networks than WEP. It uses Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES) algorithms to randomize the secret key for cryptographic activities. It also supports RADIUS authentication to add more security features. After establishing the connection with the WPA network, secret keys are generated for encrypting further communication.

WPA-PSK refers to WPA Pre Shared Key for encrypting and decrypting the data during communication. It is similar to a secret key used in the WEP security standard. The only difference is in WPA's case; the secret key has been changed after some stipulated time using the TKIP algorithm. This makes it a little difficult for hackers to compromise the security of the wireless network.

What is WPA2?

WPA2 is an improved version of the security standard. It supersedes earlier security standard WPA and removes vulnerabilities. As we know WPA uses Temporal Key Integrity Protocol (TKIP) algorithm. Security researchers have found many security holes and vulnerabilities in the TKIP algorithm. Hence, the WPA2 standard came to overcome all these security issues. It is based on Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP). While the client is connecting to a wi-fi network by using this security standard, it creates a unique secret key every time for encryption and decryption of data. This makes it difficult for cybercriminals or computer hackers to eavesdrop on network traffic and compromise the wi-fi network.

WPA2 Protocol Flaw Discovered

Nowadays, nothing is secure. In October 2017, a vulnerability in the WPA2 security standard was discovered by security researcher Mathy Vanhoef. This flaw allows an attacker to eavesdrop on wireless network traffic. KRACK (Key Reinstallation Attacks) is the proof-of-concept (POC) exploit for the vulnerability. Refer to https://www.krackattacks.com/ for more details.