Wi-Fi Protected Access Networks

Before the Wi-Fi Protected Access (WPA) standards were adopted, the only standard in place to protect wireless networks was Wired Equivalent Privacy (WEP). WEP was designed to encrypt communications on a wireless network, but ultimately was found to have many security vulnerabilities. WPA was created as a subset of the 802.11i standards to help address those vulnerabilities.

WPA comes with three features meant to address the vulnerabilities of WEP: 802.1x-based authentication, Temporal Key Integrity Protocol (TKIP), and message integrity checks.

802.1x- based authentication contains three elements; a supplicant, an authentication server, and an authenticator. This mutual authentication framework provides an added layer of security in dealing with wireless communications.

TKIP was specifically implemented to solve the key reuse flaw in WEP communications. Where WEP keys were not long enough, WPA's TKIP packet comprises a 128-bit key, the MAC address, and a 48-bit initialization vector. This guarantees the usage of different keys.

Finally, message integrity checks enforce integrity by checking for potential packet alteration.

Although WPA made some significant improvements to WEP encryption standards, it still has a few security weaknesses and was not perfect. WPA was the interim solution to the WEP vulnerability, to be further enhanced through WPA2 and 802.11i: stronger solutions to wireless security.