WPA Vs. WEP

A Comparison Between Two Wireless Security Standards: WPA Vs. WEP

What is the difference between WPA and WEP? In this article, I explain the differences between these two wireless security standards.
Techspirited Staff
Last Updated: Feb 8, 2018
Any wireless network is vulnerable to interception and hacking, as the data is transmitted through radio waves. To prevent this wireless network hacking, the data is encrypted. WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access) are two encryption standards, that are used for this purpose. WPA has been upgraded to WPA2 recently and it is supposed to be a lot more secure than WEP, which is its predecessor. In this article, I make a comparison between these two encryption standards, that may help you decide which one to opt for.

A Comparison Between the Two Encryption Standards

Since the beginning of wireless communication, security of transmitted data has always been a concern. For secured transmission of data through radio waves, encryption methods were developed. Data encryption is an important part of wireless networking. Before transmission, data is encrypted (converted into a cryptic form, using certain mathematical algorithms). If anybody intercepts the transmission, all he would see is garbled data. The receiving end of the data, has the decryption key, using which it decrypts the data. Today, cryptology is an applied field of science, that is devoted to the generation of encryption algorithms to secure data transmission.

Your wireless router is programmed, with such a wireless encryption program, that protects it from unauthorized access. The first wireless network security standard was WEP (Wired Equivalent Privacy), which was designed to provide the same level of security, as a wired network (which explains the name) and it was first released in 1997.

It was developed for the IEEE 802.11 wireless networks. When WEP was shown to be vulnerable to hacking, it was replaced by WPA (Wi-Fi Protected Access) and later updated with WPA2 for 802.11i wireless networks. Still, the standard continues to be used by some manufacturers. Let us have a look at the major differences between the two.

Comparison of Encryption Strength
Both, WEP and WPA2 use secret keys to encrypt data. Two complementary keys, that are used, are encryption and decryption keys. Encryption key is present at the wireless network source and decryption key is present at every receiving end.

The encryption keys in WEP consist of 64 bits or 128 bits. When it comes to the security of an encryption key, more bits make it stronger. In both these keys, 24 bits are reserved for the 'Initialization Vector (IV)'. Every data packet is encrypted with a combination of IV and a secret key. Ideally, the IV part has to be different for every packet but the secret key code is fixed.

So, when anyone intercepts the data, all they see is random nonsensical data, which is unreadable. Only the receiving end has the decryption key that converts the data back into original form. The 24-bit IV key can only have 16.7 million possible combinations. So, these keys have to be reused after a period of time, which is a major weakness in the WEP encryption strategy.

Reused keys or keys that are not changed, make it easier for hackers to crack the code. The fact that master keys are directly used, instead of temporary keys, makes a WEP-secured system, even more vulnerable. That is why, changing the key periodically, is important for the security of your wireless network.

Compared to WEP, instead of 24-bit initialization keys, WPA uses a 48-bit key, that provides as many as 500 trillion combinations. This means that the possibility of reusing the same key during transmission is lesser and consequently it is harder to hack. That itself makes it more secure than WEP. Also, it does not use the master secret keys directly and also provides message integrity checking facility. Moreover, to configure a router with WPA, you do not need to provide an encryption key. All you have to set is a plain English passphrase, that can vary from 8 to 63 characters in length.

A protocol called the TKIP (Temporal Key Integrity Protocol), is used to generate encryption keys using the passphrase and the SSID (service set identifier) for the network. WPA2 has an even stronger encryption program, which ensures that every new packet launched over the air, has a unique encryption key. That way, WPA encryption is very much more secure than WEP and it is the technology that you should opt for. The version which is mostly installed for home Internet use is WPA-PSK.

Speed Compared
If you compare the two standards, in terms of their effect on download speeds, you won't notice much of a difference. WPA has more calculations and processing than WEP and it is bound to put more load than WEP, but the slow down it can create, is very negligible. Your speed is more dependent on your router and modem configuration, as well as the bandwidth you have purchased.

Performance Comparison
In terms of performance, WPA2 or WPA is far better than WEP due to the increased security it provides. WEP can be hacked in a matter of minutes and that way its performance is quite poor, compared to WPA2, which was created to replace it.

WPA2 is better than WEP as its encryption method is more secure, compared to its predecessor. If you are getting a wireless network installed or thinking of updating the security of your existing network, opt for WPA2 encryption as it is definitely more secure than any other standard. WEP is a severely compromised security standard that can be easily hacked anyway. So, the choice between the two, is quite a no-brainer.