Thursday, October 30, 2008

Wireless Encryption Methods

What's the difference between the various wireless security methods, and which one should i choose?

There are three possible answers to this question: None, WEP, and WPA. Which one do you choose? It depends.

None - you don't have to use encryption. If you don't have any encryption on your wireless network, people who want to connect don't have to provide a password or key to connect. This can be acceptible, if you don't mind people next door or driving by to gain access to your network and use your internet bandwidth. However, this method can be secured farily easily.
Think of your wireless network as a night club and your router as a bouncer. By not enforcing any encryption, your bouncer speaks english and will listen to anyone's petition to get in. You can tell your bouncer to only let certain people in. The bouncer then checks everyone's drivers license and only let's the permitted people in.
This is like having no encryption but restricting access to certain MAC addresses. Look on wikipedia to find out what a MAC address is. Think of it as a unique unforgeable identification number. (Well, it could be forged, but people who could do that will break in no matter what.) The data between the router and the user is not encrypted, which means that anyone listening can understand the data going between the user and the router. This could be a problem if you're logging onto your bank's website. Not a problem, though. Ever notice how sometimes the web address starts with https:// instead of http://? That means that your data is actually scrambled before it leaves your computer and unscrambled after it's received by the server. This is actually more secure than the encryption you could put on your wireless network. Of course, if you put security on your wireless network, you'll scramble the data again when it gets transmitted into the air.

WEP - WEP is simple encryption. Remember the bouncer? Well, this bouncer will let anyone in as long as they have one of the passwords. The passwords are HEX numbers. In other words, the password consists of only numbers and the letters A-G. The advantage of WEP is that it's very simple. The passwords are restricted to characters that the router can understand very easily, so he's not going to spend any time at all trying to figure out if the passwords match. Also, when data is sent between the router and the user's computer, the data is scrambled, so that only those who have the password can understand it.

WPA - WPA is more difficult to hack than WEP. The reason for this is the complexity of the passwords. It's much like WEP just that the passwords can be much more elaborate. Again the data between the router and user is encrypted. Since things are a little more complex, the bouncer may take a little longer to verify the password, normally not noticeable.

My recommendation? Unless you have problems with it, use WPA. It has the strongest security while allowing you to use plain old passwords.

If you can't use WPA because it's giving you problems, use WEP. If not that, then go without security but remember to filter by MAC.