Can you explain the differences between WPA and WPA2 and provide some information on the different features and functionality?
In April 2003, the Wi-Fi Alliance introduced an interoperable security protocol known as WiFi Protected Access (WPA), based on draft 3 of the IEEE 802.11i amendment. WPA was designed to be a replacement for WEP networks without requiring hardware replacements, using a subset IEEE 802.11i amendment. Organizations who adopt WPA can take advantage of the following features:
- Strong cryptography support from the Temporal Key Integrity Protocol (TKIP), based on the RC4 cipher;
- WPA-Enterprise, a mechanism for network authentication using IEEE 802.1x and a supported EAP type, one of EAP/TLS, TTLS or PEAP;
- WPA-Personal, a mechanism for using TKIP without IEEE 802.1x authentication by using a shared passphrase, intended for consumer networks.
In July 2004, the IEEE approved the full IEEE 802.11i specification, which was quickly followed by a new interoperability testing certification from the WiFi Alliance known as WPA2. WPA2 is based on the Robust Security Network (RSN) mechanism, which provided support for all of the mechanisms available in WPA, as well as:
- Strong encryption and authentication support for infrastructure and ad-hoc networks (WPA is limited to infrastructure networks);
- Reduced overhead in key derivation during the wireless LAN authentication exchange;
- Support for opportunistic key caching to reduce the overhead in roaming between access points;
- Support for pre-authentication, where a station completes the IEEE 802.1X authentication exchange before roaming;
- Support for the CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) encryption mechanism based on the Advanced Encryption Standard (AES) cipher as an alternative to the TKIP protocol.
As of March 2006, the WPA2 certification became mandatory for all new equipment certified by the Wi-Fi Alliance, ensuring that any reasonably modern hardware will support both WPA and WPA2.
By leveraging the RC4 cipher (also used in the WEP protocol), the IEEE 802.11i task group was able to improve the security of legacy networks with TKIP while the IEEE 802.11i amendment was completed. It is important to note, however, that TKIP was designed as an interim solution for wireless security, with the goal of providing sufficient security for 5 years while organisations transitioned to the full IEEE 802.11i security mechanism. While there have not been any catastrophic weaknesses reported in the TKIP protocol, organisations should take this design requirement into consideration and plan to transition WPA networks to WPA2 to take advantage of the benefits provided by the RSN architecture.
Joshua Wright is a senior security researcher for Aruba Networks and an editorial board member of the WVE. When he's not breaking wireless networks, he likes to work on his house, where he ends up breaking things of a different sort. This article appeared in Network World