As shown in Figure 1, there are three shared key authentication techniques available:
- Wired Equivalent Privacy (WEP) - Original 802.11 specification designed to provide privacy similar to connecting to a network using a wired connection. The data is secured using the RC4 encryption method with a static key. However, the key never changes when exchanging packets making it easy to hack.
- Wi-Fi Protected Access (WPA) - A Wi-Fi Alliance standard that uses WEP, but secures the data with the much stronger Temporal Key Integrity Protocol (TKIP) encryption algorithm. TKIP changes the key for each packet making it much more difficult to hack.
- IEEE 802.11i/WPA2 - IEEE 802.11i is the industry standard for securing wireless networks. The Wi-Fi alliance version is called WPA2. 802.11i and WPA2; both use the Advanced Encryption Standard (AES) for encryption. AES is currently considered the strongest encryption protocol.
WEP is no longer recommended. Its shared WEP keys have proven to be flawed and; therefore, should never be used. To counteract shared WEP key weakness, the very first approach by companies was to try techniques, such as cloaking SSIDs and filtering MAC addresses. These techniques have also proven to be too weak.
Following the weakness of WEP-based security, there was a period of interim security measures. Vendors like Cisco, wanting to meet the demand for better security, developed their own systems while simultaneously helping to evolve the 802.11i standard. On the way to 802.11i, the TKIP encryption algorithm was created, which was linked to the Wi-Fi Alliance WPA security method.
Modern wireless networks should always use the 802.11i/WPA2 standard. WPA2 is the Wi-Fi version of 802.11i and; therefore, the terms WPA2 and 802.11i are often used interchangeably.
Since 2006, any device that bears the Wi-Fi Certified logo is WPA2 certified.
Note: Wireless-N networks should use the WPA2-Personal security mode for best performance.
The table in Figure 2 summarizes the three types of shared key authentication methods.