Wi-Fi Security – A Basic Overview

So you’ve decided to take the leap and set up a Wireless Network. Welcome to the 21st Century!
Wi-Fi is everywhere, but there’s something not many people know, or are nearly concerned enough about if they do know about it.

That is, Security!

The manufacturers of wireless access points and routers don’t really make it obvious to people that their devices are not the least be secure ‘out of the box’.  When you take your new access point out of the box and plug it in, you’re broadcasting your home network out to anyone who’s got a wireless device, such as a laptop.  This broadcast can go for 50 yards or more with newer access points.
Do you really want anyone with a laptop within 50 yards to be able to use your internet, or worse, browse through your computer?

Here’s a little example for you of what can happen if someone does access your wireless network.

I was at a hotel once, using their free (Secured even) wireless, and decided to check out my Network Neighborhood on my laptop.  Network Neighborhood shows all of the other computers that are in the network that you are connected to.  Well, behold! I see what is obviously another guest’s laptop listed.  Me being human, and curiosity getting the better of me, I double click on their laptop icon. Guess what I see?  I find a folder called Shared Documents. This folder is specifically made to allow the user to put files in it that they want to share with other people on their network.  Again, curiosity getting the better of me, I look in said folder. Inside this folder, among others, was a folder called Shared Photos. I’m sure you know where this is going.
Let’s just say that inside this Shared Photos were digital photos of some guy and his wife in situations that SHOULD NOT be Shared with anyone, let alone a complete stranger! And this was on a Secured Wi-Fi network that we just both happen to be connected to. Running an unsecure network is even worse. If you’re broadcasting an unsecure wireless signal around the neighborhood anyone with a laptop could do the same thing I did at that hotel.

The actual process of making your wireless signal is more involved than what I want to go over here.
However, most wireless Access Points and Routers have software that allows for them to be secured by following a wizard. If yours doesn’t, you can find a lot of information online on how to do so.
Now that you’re scared, let’s mention a few terms related to wireless security:

• WEP: Stands for Wired Equivalent Privacy
• WEP comes in both 64-bit and 128-bit options and both of them were good for their time.

Unfortunately, their time was about 10 years ago and now any curious grade school kid can crack it.
However, WEP is better than nothing! If you have old equipment that is only compatible with WEP then I’d still recommend using it.

• WPA-PSK: Stands for Wi-Fi Protected Access. PSK stands for Pre-Shared Key. WPA was the next generation of wireless security standard. PSK is a variable sized key that is shared between the access point and the wireless client. It is dramatically more secure than WEP.

• WPA2: Stands for, you guessed it, Wi-Fi Protected Access 2.

The only real difference between WPA and WPA2 is that with WPA you can select from both of the following encryption algorithms, TKIP or AES, and with WPA2 it defaults to the far more secure AES algorithm.

WPA and WPA2 both have the options of two different types of encryption algorithms. They are:

• TKIP: Stands for Temporary Key Integrity Protocol. This was a ‘better than WEP, but not as good as we want’ algorithm that was made to use until a better option could be developed.
• AES: Stands for Advanced Encryption Standard. This is the currently the most secure encryption algorithm possible.

You may have heard recently that WPA was cracked in less than 1 minute by some Japanese scientists.
While true, this isn’t the whole story. What was cracked was WPA-TKIP. The TKIP portion was what was cracked, which allowed for the security to be breached.  TKIP has always been known to not be 100% secure and was only meant to be a temporary replacement for WEP encryption so this honestly was no real news.

How secure any wireless security is depends on the password. Without going into any major detail, because there’s tons of it, it boils down to the longer the password\passphrase\key is, the better.  An example on security levels is this information on Pre-Shared Keys using just normal ASCII characters, quoted from ZDnet:

“Average cracking time (in years) equals combinations divided by 100 PSKs/sec divided by the number of cracking PCs divided by 60 sec/min divided by 60 min/hour divided by 24 hours/day divided by 365.24 days/year divided by 2″

So, just a normal, 10 ASCII character PSK that was attempting to get cracked by 1,000 PCs @ 24 hours a day/7 days a week would take 579 YEARS! If you toss in Upper and Lower case letters and ASCII symbols, it increases that time by a factor of x 7.  That’s for only 10 characters. The maximum size a PSK can be is 63 characters. You do the math!

As with anything, how secure you want to be depends on you. Even the lowest security is better than none so do some research and make a choice that will give you peace of mind.

Some good reference sites:

Wikipedia – Wireless Security
WPA-PSKGEN
ZDNet
PCWorld
MakeUseOf.com

By: Mike Rigsby – Contributor @ 2s2d.net