| Encryption keys based | More secure than | TKIP (Temporal Key | AES (Advanced |
| on RC4 algorithm | 64-bit WEP using a | Integrity Protocol) | Encryption Standard) |
| (typically 40-bit keys) | key length of 104 bits | added so that keys are | does not cause any |
| | plus 24 additional bits | rotated and | throughput loss |
| | of system generated | encryption is | |
| | data | strengthened | |
| | | | |
WEP
WEP is a common protocol that adds security to all Wi-Fi-compliant wireless products. WEP gives wireless networks the equivalent level of privacy protection as a comparable wired network.
WEP Encryption Keys—After selecting either the 64-bit or 128-bit WEP encryption mode, it is critical that you generate an encryption key. If the encryption key is not consistent throughout the entire wireless network, your wireless networking devices will be unable to communicate with one another. You can enter your key by typing in the hex key manually, or you can type a passphrase into the “Passphrase” field and click “Generate” to create a key. A hex (hexadecimal) key is a combination of numbers and letters from A–F and 0–9. For 64-bit WEP, you need to enter 10 hex characters. For 128-bit WEP, you need to enter 26 hex characters.
For instance:
AF 0F 4B C3 D4 = 64-bit WEP key
C3 03 0F AF 0F 4B B2 C3 D4 4B C3 D4 E7 = 128-bit WEP key
The WEP passphrase is NOT the same as a WEP key. Your network adapter uses this passphrase to generate your WEP keys, but different hardware manufacturers might have different methods on generating the keys. If you have multiple vendors’ equipment in your network, the easiest thing to do is to use the hex WEP key from your wireless router (or access point) and enter it manually into the hex WEP key table in your network adapter’s configuration screen.
WPA
WPA is a new Wi-Fi standard that improves upon the security features of WEP. To use WPA security, the drivers and software of your wireless equipment must be upgraded to support it. These updates will be found on your wireless vendor’s Web site. There are three types of WPA security: WPA-PSK (no server), WPA (with radius server), and WPA2.
WPA-PSK (no server) uses what is known as a pre-shared key as the network key. A network key is a password that is between eight and 63 characters long. It can be a combination of letters, numbers, or characters. Each client uses the same network key to access the network. Typically, this is the mode that will be used in a home environment.
WPA (with radius server) is a system where a radius server distributes the network key to the clients automatically. This is typically found in a business environment.
WPA2 requires Advanced Encryption Standard (AES) for encryption of data, which offers much greater security than WPA. WPA uses both Temporal Key Integrity Protocol (TKIP) and AES for encryption.