Encryption is used to protect data. If an intruder has captured encrypted data, they would not be able to decipher it in any reasonable amount of time.
The IEEE 802.11i and the Wi-Fi Alliance WPA and WPA2 standards use the following encryption protocols:
- Temporal Key Integrity Protocol (TKIP) - TKIP is the encryption method used by WPA. It provides support for legacy WLAN equipment by addressing the original flaws associated with the 802.11 WEP encryption method. It makes use of WEP, but encrypts the Layer 2 payload using TKIP, and carries out a Message Integrity Check (MIC) in the encrypted packet to ensure the message has not been tampered with.
- Advanced Encryption Standard (AES) - AES is the encryption method used by WPA2. It is the preferred method because it aligns with the industry standard IEEE 802.11i. AES performs the same functions as TKIP, but it is a far stronger method of encryption. It uses the Counter Cipher Mode with Block Chaining Message Authentication Code Protocol (CCMP) that allows destination hosts to recognize if the encrypted and non-encrypted bits have been tampered with.
Note: Always choose WPA2 with AES when possible.