Definition

Wi-Fi Protected Access (WPA)

Wi-Fi Protected Access (WPA) is a security standard for users of computing devices equipped with wireless internet connections, or Wi-Fi. It improved upon and replaced the original Wi-Fi security standard, Wired Equivalent Privacy (WEP). WPA provides more sophisticated data encryption than WEP, and it also provides user authentication -- WEP's user authentication was considered insufficient.

WPA's encryption method is the Temporal Key Integrity Protocol (TKIP). TKIP includes a per-packet mixing function, a message integrity check, an extended initialization vector and a re-keying mechanism. WPA provides strong user authentication based on 802.1x and the Extensible Authentication Protocol (EAP). WPA depends on a central authentication server, such as RADIUS, to authenticate each user.

Software updates that allow both server and client computers to implement WPA became widely available during 2003. Access points (see hot spots) can operate in mixed WEP/WPA mode to support both WEP and WPA clients. However, mixed mode effectively provides only WEP-level security for all users. Home users of access points that use only WPA can operate in a special home mode in which the user need only enter a password to be connected to the access point. The password will trigger authentication and TKIP encryption.

Wi-Fi Protected Access II and the most current security protocols

Wi-Fi Protected Access is a subset of, and is compatible with, IEEE 802.11i -- sometimes referred to as WPA2 -- the security standard that superseded it in 2004. WPA2 uses the Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP). It is based on the obligatory Advanced Encryption Standard algorithm, which provides message authenticity and integrity verification, and it is much stronger and more reliable than the original TKIP protocol for WPA.

WPA2 still has vulnerabilities; primary among those is unauthorized access to the enterprise wireless network, where there is an invasion of attack vector of certain Wi-Fi Protected Setup (WPS) access points. This can take the invader several hours of concerted effort with state-of-the-art computer technology, but the threat of system compromise should not be discounted. It is recommended the WPS be disabled for each attack vector access point in WPA2 to discourage such threats.


Wi-Fi Protected Access.

Though these threats have traditionally, and virtually exclusively, been directed at enterprise wireless systems, even home wireless systems can be threatened by weak passwords or passphrases that can make it easier for an invader to compromise those systems.

This was last updated in August 2016

Continue Reading About Wi-Fi Protected Access (WPA)

Dig Deeper on Mobile networking

PRO+

Content

Find more PRO+ content and other member only offers, here.

Related Discussions

Margaret Rouse asks:

Have you experienced security issues with WPA or WPA2? What were they, and how did you resolve them?

0  Responses So Far

Join the Discussion

2 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchNetworking

SearchTelecom

SearchUnifiedCommunications

SearchSecurity

Close