What wireless security types are there?

Why do we have multiple wireless security types?

Today, WiFi networks are either open with no protection or protected with one of four security types: WEP, WPA, WPA2, or WPA3. These security types represent an evolution in implementing improved WiFi security in response to identified vulnerabilities and exploits.

WEP (Wired Equivalent Privacy) was defined in 1997 in the original IEEE 802.11 specification. The first exploits were identified a few years later, around 2001. The exploits were so severe that many organizations stopped deploying WiFi networks. To address WEP’s weaknesses, RSN (Robust Security Network) was added to the 802.11 specification.

RSN initially included two confidentiality and integrity protocols: TKIP, which could be implemented as a firmware upgrade to the existing WiFi products, and CCMP, which required new hardware and would take one to two years to become widely available. TKIP has some known weaknesses and is not as secure as CCMP, but had time-to-market advantages.

In 2003, the WiFi Alliance published the WPA (WiFi Protected Access) specification, which supported the deployment of TKIP. A year later, they published WPA2, which supports CCMP.

Since WPA2 was defined 20 years ago, several security-related enhancements have been added to the 802.11 specification. WPA3 is the latest WiFi Alliance specification and encourages deploying these newer security features.

What are the technical differences between WEP, WPA, WPA2 and WPA3?

The technical differences between WEP, WPA, WPA2, and WPA3 relate to three fundamental security mechanisms:

  • Encryption, which protects the confidentiality of messages transmitted over the WiFi network.
  • Message integrity, which ensures that messages sent over-the-air have not been tampered with.
  • Authentication, which determines if the user has permission to access the WiFi network.

What are the different WiFi encryption options?

The original 802.11 specifications included encryption, message integrity, and authentication. Collectively, these mechanisms were referred to as WEP (Wired Equivalent Privacy). WEP supported a key length of 128 bits and used the RSA encryption algorithm. WEP used a 24-bit initialization vector as input to generate the WEP encryption key.

Unfortunately, hackers could expose the WEP encryption key after collecting approximately 300,000 encrypted packets over the air. WEP uses the same key for both encryption and authentication. Once hackers broke the encryption key, they could not only decrypt over-the-air traffic but also access the network.

Today, WEP is deprecated. However, you will still find some legacy WEP deployments, particularly in academia and hospitals. If an organization is prohibited from replacing its WEP-enabled devices, the traffic must be segmented and unable to reach the main enterprise network.

To fix the problems with WEP, the IEEE 802.11 working group defined RSN (Robust Security Network) as an alternative to WEP. The WiFi Alliance developed the WPA certification specification to test and encourage the implementation of a subset of the RSN features.

  • WPA. A suite of interim measures to fix the problems with WEP, for example, extending the initialization vector to 48 bits. However, WPA supports the RSA encryption algorithm. As WPA was a short-term solution, you would not expect to find WPA in the enterprise network today.
  • WPA2. Defined the CTR (Counter) mode using AES as a stream cipher. The AES cipher supports longer keys and is resilient against brute force attacks. WPA2 supports encryption using 128-bit keys.
  • WPA3. Adds GCM (Galois Counter Mode) for encryption using the same AES cipher and 192-bit encryption keys. The latter is a requirement for some US military deployments.

What are the various WiFi message integrity choices?

Message integrity is typically achieved using a hashing algorithm and a secret key to generate a fixed-length message digest, which is appended to the message before transmission. If the receiving device generates the same message digest, it indicates the message has not been tampered with.

WEP generated the fixed-length string using a checksum. The deterministic relationship between the message and the fixed-length string made it vulnerable to bit-flipping attacks.

RSN, defined by the 802.11 working group, introduced new message integrity mechanisms, and again, the WiFi Alliance certification encourages the implementation of these improved features.

  • WPA. As a short-term measure, WPA introduced the Michael hash function. Although Michael has known weaknesses, it is a significant improvement over the WEP checksum CRC32.
  • WPA2. Defines cipher block chaining message authentication code (CBC-MAC) for message authentication and integrity. CBC-MAC uses the AES block cipher and a shared secret to generate a fixed-length message authentication code.
  • WPA3. Adds GMAC (Galois Message Authentication Code) for message authentication and integrity. Both CBC-MAC and GMAC use the same AES block cipher. However, GMAC is faster as it processes data blocks in parallel, whereas CBC-MAC processes each block sequentially.

You may be familiar with the acronyms CCMP and GCMP. CCMP is CTR mode for encryption with CBC-MAC for message integrity. GCMP is GCM for encryption, with GMAC for message integrity.
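The difference between an unkeyed checksum and a keyed message authentication code, as described above, can be shown directly. The following is an added example, not code from the original post: it uses the standard library's CRC32 (the WEP checksum) and HMAC-SHA256 as a stand-in for the keyed AES-CBC-MAC or GMAC of WPA2/WPA3. The message and key are constructed for the demonstration. The first function checks the property that makes CRC32 unsuitable as an integrity value (it is affine over XOR, so the checksum of a modified frame follows from public values); the second shows that a receiver verifying a keyed MAC rejects the same modification.

```python
import hashlib
import hmac
import zlib

# Constructed sample frame body and key; not taken from a real capture.
MESSAGE = b"transfer 0100 to acct 42"
MAC_KEY = b"constructed-demo-key-not-a-real-psk"


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def crc32_is_affine(original: bytes, delta: bytes) -> bool:
    """CRC32 is affine over XOR: crc(m ^ d) == crc(m) ^ crc(d) ^ crc(0...0).

    The checksum of a frame with a chosen set of bits flipped therefore follows
    from the checksum of the original frame and the checksum of the flip
    pattern. Nothing secret is involved, which is the weakness behind the
    WEP bit-flipping attacks mentioned above.
    """
    if len(original) != len(delta):
        raise ValueError("delta must match the message length")
    zeros = bytes(len(original))
    predicted = zlib.crc32(original) ^ zlib.crc32(delta) ^ zlib.crc32(zeros)
    return zlib.crc32(xor_bytes(original, delta)) == predicted


def checksum_tag(message: bytes) -> bytes:
    """WEP-style integrity value: an unkeyed CRC32 appended to the frame."""
    return zlib.crc32(message).to_bytes(4, "big")


def mac_tag(key: bytes, message: bytes) -> bytes:
    """Keyed integrity value. HMAC-SHA256 stands in for AES-CBC-MAC (WPA2) or
    GMAC (WPA3); the point is that the tag depends on a secret key."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_checksum(message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(checksum_tag(message), tag)


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_tag(key, message), tag)


def tamper_results() -> tuple:
    """Change the amount digit '0' at offset 9 to '9' and see which receiver
    check notices. Returns (checksum_accepts_tampered, mac_accepts_tampered)."""
    delta = bytearray(len(MESSAGE))
    delta[9] = ord("0") ^ ord("9")
    tampered = xor_bytes(MESSAGE, bytes(delta))

    # Receiver with an unkeyed checksum: the tag matching the tampered frame
    # is derivable from public values alone, so the check passes.
    zeros = bytes(len(MESSAGE))
    adjusted_crc = zlib.crc32(MESSAGE) ^ zlib.crc32(bytes(delta)) ^ zlib.crc32(zeros)
    checksum_accepts = verify_checksum(tampered, adjusted_crc.to_bytes(4, "big"))

    # Receiver with a keyed MAC: the sender's tag covers the original bytes and
    # cannot be recomputed without MAC_KEY, so the tampered frame is rejected.
    mac_accepts = verify_mac(MAC_KEY, tampered, mac_tag(MAC_KEY, MESSAGE))
    return checksum_accepts, mac_accepts


if __name__ == "__main__":
    probe = bytes([0x01]) + bytes(len(MESSAGE) - 1)
    print("CRC32 affine identity holds:", crc32_is_affine(MESSAGE, probe))
    print("(checksum accepts, MAC accepts) after tampering:", tamper_results())
```

Running the block prints `True` for the affine identity and `(True, False)` for the tampering test: the checksum receiver accepts the altered frame, the MAC receiver does not. This is the property WPA's Michael, WPA2's CBC-MAC and WPA3's GMAC add over the WEP CRC32.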

What are the different WiFi authentication methods?

The original 802.11 specification defined an Open System and a Shared Key authentication. Open System authentication allows anyone to connect. Shared key authentication enables multiple users to use the same key to connect to the network. The shared key used for WEP authentication is the WEP encryption key.

RSN added support for several new authentication mechanisms, including:

  • Preshared Key (PSK) authentication. The preshared key is shared with the user before they connect to the WiFi network. Unlike WEP, where all users use the same key, PSK allows each user to have a unique key.
  • Simultaneous Authentication of Equals (SAE) is a password-based authentication method that generates a key using a key agreement mechanism. By generating a strong key, SAE protects users who create weak passwords from brute-force attacks.
  • 802.1X port-based authentication. General traffic is blocked until the 802.1X authentication procedure is completed.

WPA defined two modes, WPA Personal and WPA Enterprise.

  • WPA and WPA2 Personal use PSK.
  • WPA3 Personal replaces PSK with SAE.
  • WPA, WPA2, and WPA3 Enterprise use 802.1X port-based authentication.
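To make the PSK bullet concrete: in WPA and WPA2 Personal the pairwise master key (PMK) is a fixed function of the passphrase and the SSID, computed with PBKDF2-HMAC-SHA1 over 4096 iterations to 256 bits. The following is an added example written for this page, not code from the original post. It uses only the Python standard library, checks the result against a test vector published in the IEEE 802.11 passphrase-to-PSK mapping annex (passphrase "password", SSID "IEEE"), and also accepts the 64-hex-digit raw PSK form used in supplicant configurations. Because the SSID is broadcast in every beacon, the passphrase is the only secret input to this derivation, which is why a weak passphrase is exposed to brute-force attacks and why WPA3 Personal's SAE exchange (not reproduced here) derives the PMK from per-exchange values instead.

```python
import hashlib

# Test vector from the IEEE 802.11 passphrase-to-PSK mapping annex:
# passphrase "password" on SSID "IEEE".
KNOWN_PMK = bytes.fromhex(
    "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"
)


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-Personal: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits).

    The SSID acts as the salt and is public; the 4096 iterations slow down
    guessing but cannot prevent it, so passphrase strength is the only
    protection this derivation offers.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("802.11 passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def psk_from_config(value: str, ssid: str) -> bytes:
    """Accept the two forms found in supplicant configs: a 64-hex-digit raw
    PSK (used as-is, no PBKDF2) or an 8-63 character passphrase."""
    if len(value) == 64 and all(c in "0123456789abcdefABCDEF" for c in value):
        return bytes.fromhex(value)
    return derive_pmk(value, ssid)


def pmk_differs_by_ssid(passphrase: str, ssid_a: str, ssid_b: str) -> bool:
    """The same passphrase on two networks yields two unrelated PMKs."""
    return derive_pmk(passphrase, ssid_a) != derive_pmk(passphrase, ssid_b)


def matches_known_vector() -> bool:
    """Self-check against the published test vector."""
    return derive_pmk("password", "IEEE") == KNOWN_PMK


if __name__ == "__main__":
    print("known vector reproduced:", matches_known_vector())
    print("PMK for 'password' on IEEE:", derive_pmk("password", "IEEE").hex())
    print("same passphrase, different SSID, different PMK:",
          pmk_differs_by_ssid("password", "IEEE", "IEEF"))
```

Note that this is the WPA/WPA2 Personal key only. The per-session keys used to protect traffic are then derived from this PMK together with nonces exchanged in the handshake, and in WPA3 Personal the PMK itself comes out of the SAE exchange rather than this function.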

What are protected management frames (PMF)?

Three message types are sent over WiFi networks: data, management, and control frames. Management frames include authentication and association messages. Historically, these frames were not protected, making WiFi networks vulnerable to DoS attacks. PMF adds encryption and message integrity to protect specific management frames.

Although PMF was defined in 2009, it was not widely adopted by the industry. To facilitate adoption, the WiFi Alliance made PMF a mandatory feature for WPA3 certification.

What should you do now?

Table 1 summarizes the 802.11 security features discussed in this blog. The next step is to assess the WiFi networks that you use. Answer the following questions:

  • What security mechanisms are being used on this network?
  • What data goes over this network?
  • Do we need to strengthen security on this network?
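A first pass at the first question can be scripted from a network listing. The following is an added example, not code from the original post: it takes lines in the shape of `nmcli -t -f SSID,SECURITY dev wifi list` output (an assumed format: one `SSID:SECURITY` line per network, with an empty SECURITY field for an open network) and rates each network by the weakest protocol it still accepts, because a client can be negotiated down to that one. The sample listing is constructed for the demonstration; the recommendations follow the points made in this post (WEP deprecated and to be segmented, WPA interim, WPA2 acceptable, WPA3 with PMF preferred).

```python
from dataclasses import dataclass
from typing import List, Tuple

# Constructed sample in the shape of `nmcli -t -f SSID,SECURITY dev wifi list`
# (one "SSID:SECURITY" line per network, SECURITY empty for an open network).
SAMPLE_LISTING = """\
LabWiFi:WEP
GuestOpen:
OldOffice:WPA1 WPA2
Corp:WPA2 802.1X
Home:WPA2
Modern:WPA2 WPA3
NewSite:WPA3 802.1X
"""

# Ordering used to find the weakest protocol a client could negotiate.
RANK = {"WEP": 0, "WPA1": 1, "WPA2": 2, "WPA3": 3}


@dataclass
class Assessment:
    ssid: str
    weakest: str      # weakest protocol the network still accepts
    strongest: str
    auth: str         # "Enterprise" (802.1X), "Personal" (PSK/SAE) or "none"
    action: str


def parse_terse_listing(listing: str) -> List[Tuple[str, str]]:
    rows = []
    for line in listing.splitlines():
        if not line.strip():
            continue
        # SECURITY never contains ':', so split on the last one.
        ssid, _, security = line.rpartition(":")
        rows.append((ssid, security))
    return rows


def classify(ssid: str, security: str) -> Assessment:
    tokens = security.split()
    protocols = [t for t in tokens if t in RANK]
    auth = "Enterprise" if "802.1X" in tokens else "Personal"
    if not protocols:
        return Assessment(ssid, "open", "open", "none",
                          "no encryption, integrity or authentication: treat as untrusted")
    weakest = min(protocols, key=RANK.__getitem__)
    strongest = max(protocols, key=RANK.__getitem__)
    if weakest == "WEP":
        action = "deprecated: replace, or segment so it cannot reach the enterprise network"
    elif weakest == "WPA1":
        action = "interim TKIP-era mode still accepted: disable WPA1"
    elif weakest == "WPA2" and strongest == "WPA3":
        action = "transition mode: plan to retire WPA2 once clients support WPA3"
    elif weakest == "WPA2":
        action = "acceptable; enable WPA3 (and PMF) where clients allow"
    else:
        action = "WPA3 only: current best practice"
    return Assessment(ssid, weakest, strongest, auth, action)


def assess(listing: str) -> List[Assessment]:
    """Weakest networks first, so the list reads as a remediation queue."""
    results = [classify(s, sec) for s, sec in parse_terse_listing(listing)]
    return sorted(results, key=lambda a: RANK.get(a.weakest, -1))


if __name__ == "__main__":
    for a in assess(SAMPLE_LISTING):
        print(f"{a.ssid:<10} {a.weakest:<5} {a.auth:<10} {a.action}")
```

The second and third questions (what data crosses the network, and whether it needs stronger protection) still need a person: the script only tells you which networks to look at first.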
Table 1: Comparing WiFi features in WPA releases
Author Bio

Dr. Avril Salter is an author and acclaimed public speaker with over 20 years of in-depth technical and executive experience working in wireless and network security. She holds senior business and technical architect positions with a history of success in setting direction in major corporations and start-ups. She has an exceptional breadth of technical expertise in wireless standards and network security protocols and is a strategic thinker with a solid understanding of the IT and telecommunications industries.
