Categories: ComputernetzwerkeDiffenTechnologieTelekommunikation

WPA vs WPA2 – Unterschied und Vergleich

WPA2 ist sicherer als sein Vorgänger WPA (Wi-Fi Protected Access) und sollte nach Möglichkeit verwendet werden. Drahtlose Router unterstützen mehrere Sicherheitsprotokolle zum Sichern von drahtlosen Netzwerken, einschließlich WEP, WPA und WPA2. Von diesen dreien ist WPA2 am sichersten, wie dieser Vergleich erklärt.

Im Jahr 2018 veröffentlichte die Wi-Fi Alliance WPA3 , das jetzt gegenüber WPA2 empfohlen wird. WPA3-zertifizierte Hardware wird jedoch voraussichtlich erst Ende 2019 allgemein verfügbar sein.

Contents

Vergleichstabelle

Vergleichstabelle WPA gegen WPA2
	WPA	WPA2
Stands For	Wi-Fi Protected Access	Wi-Fi Protected Access 2
What Is It?	A security protocol developed by the Wi-Fi Alliance in 2003 for use in securing wireless networks ; designed to replace the WEP protocol.	A security protocol developed by the Wi-Fi Alliance in 2004 for use in securing wireless networks; designed to replace the WEP and WPA protocols.
Methods	As a temporary solution to WEP’s problems, WPA still uses WEP’s insecure RC4 stream cipher but provides extra security through TKIP.	Unlike WEP and WPA, WPA2 uses the AES standard instead of the RC4 stream cipher. CCMP replaces WPA’s TKIP.
Secure and Recommended?	Somewhat. Superior to WEP , inferior to WPA2.	WPA2 is recommended over WEP and WPA, and is more secure when Wi-Fi Protected Setup (WPS) is disabled. It is not recommended over WPA3 .

Purpose

If a router is left unsecured, someone can steal your internet bandwidth, carry out illegal activities through your connection (and therefore in your name), monitor your internet activity, and install malicious software on your network. WPA and WPA2 are meant to protect wireless internet networks from such mischief by securing the network from unauthorized access.

Security Quality and Encryption

WEP and WPA use RC4 , a software stream cipher algorithm that is vulnerable to attack. Thanks to WEP’s use of RC4, small key sizes, and poor key management, cracking software is able to break past WEP security within minutes.

WPA was developed as a temporary solution to WEP’s many shortcomings. However, WPA is still vulnerable because it is based on the RC4 stream cipher; the main difference between WEP and WPA is that WPA adds an extra security protocol to the RC4 cipher known as TKIP . But RC4 by itself is so problematic that Microsoft has urged users and companies to disable it when possible and rolled out an update in November 2013 that removed RC4 from Windows altogether.

Unlike its predecessors, WPA2 makes use of Advanced Encryption Standard (AES) and CCMP , a TKIP replacement. No devices or operating systems updated prior to 2004 can meet these security standards. As of March 2006, no new hardware or device can use the Wi-Fi trademark without recognizing the WPA2 certification program.

AES is so secure that it could potentially take millions of years for a supercomputers’ brute-force attack to crack its encryption. However, there is speculation, partially based on Edward Snowden’s leaked National Security Agency (NSA) documents, that AES does have at least one weakness: a backdoor that might have been purposely built into its design. Theoretically, a backdoor would allow the U.S. government to gain access to a network more easily. With AES encryption serving as the backbone of WPA2 security and many other security measures for the internet, the potential existence of a backdoor is cause for great concern.

Encryption Speed

Security measures can reduce the data speeds, or throughput, you are able to achieve in your local network. However, the security protocol you choose can dramatically change your experience. WPA2 is the fastest of the security protocols, while WEP is the slowest. The video below is of a series of performance tests that showcase the different throughput each security protocol can achieve.

WPA2 Personal vs. WPA2 Enterprise

Wireless routers usually offer two forms of WPA2: “Personal” and “Enterprise.” Most home networks only have need for the personal setting. The video below describes the more technical differences between these two modes.

How to Secure a Wi-Fi Network

The following video briefly explains how to select a security protocol in a Linksys router’s settings.

Strong Passwords

While WPA2 is superior to WPA and far superior to WEP, your router’s security may ultimately depend on whether you use a strong password to secure it. This video explains how to create a strong password that is easy to remember.

You can also generate a random password. Password generators like Norton Password Generator and Yellowpipe Encryption Key Generator create a random string of characters with a mix of capitalization, numbers, punctuation, etc. These are the most secure passwords, especially when they are longer and include special characters, but they are not easy to remember.

Disadvantages of Wi-Fi Protected Setup (WPS)

In 2011, researchers from the U.S. Department of Homeland Security released an open source tool called Reaver that demonstrated a vulnerability in routers that use Wi-Fi Protected Setup, or WPS, a standard used to make router setup easier for the average user. This vulnerability can allow brute-force attackers to gain access to network passwords, regardless of WPA or WPA2 use.

If your router uses WPS (not all do), you should turn this feature off in your settings if you are able to do so. However, this is not a complete solution, as Reaver has been able to crack network security on routers with the WPS feature, even when it is turned off. The best, most secure solution is to use a router that has WPA2 encryption and no WPS feature.

References

About WPA (Wi-Fi Protected Access) – Comcast
Create secure passwords to keep your identity safe – Mozilla Support
Estimated cost to make a brute-force WPA2 attack feasible – Information Security Stack Exchange
The evolution of wireless security in 802.11 networks: WEP, WPA, and 802.11 standards (PDF) – SANS
Has the NSA broken SSL? TLS? AES? – ZDNet
Has the NSA really broken “strong” encryption? – PC Pro
How the NSA Almost Killed the Internet – Wired
How to Crack a Wi-Fi Network’s WPA Password With Reaver – Lifehacker
Researchers publish open-source tool for hacking WiFi Protected Setup – Ars Technica
SSL/TLS broken again—A weakness in the RC4 stream cipher – Cryptanalysis
Understanding the updated WPA and WPA2 standards – ZDNet
Understanding WEP, WPA, and WPA2 – Professor Messer on YouTube
Update for Disabling RC4 – Microsoft Security Advisory
What is WPA2? – About.com Wireless/Networking
Why Wireless Router / Gateway Security is So Important As Part of Your Security System – SUPERAntiSpyware Blog
Wireless Witch: How to Test Your Wireless Performance – PCMag
WPA – About.com Wireless/Networking
WPA2 Security Now Mandatory for Wi-Fi Certified Products – Wi-Fi Alliance
Wikipedia: IEEE 802.11i-2004
Wikipedia: Institute of Electrical and Electronics Engineers
Wikipedia: Wi-Fi-geschützter Zugang
Wikipedia: Wired Equivalent Privacy