Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Wireless Basics

Better than WEP

Article after article, wardrive after wardrive has documented the fact that most wireless networkers don't enable WEP. In my opinion, this isn't because of WEP's infamous encryption weaknesses, but more due to the fact that there isn't a consistent WEP administration method among WLAN products, including those that carry the Wi-Fi CERTIFIED mark. Some products require Hexadecimal codes, other accept alphanumeric "passphrases"... aaaah, don't get me started! And forget about managing the process of changing WEP keys, even in a home-sized network, let along a corporate one!! Add in the fact that some wireless products suffer a WEP-enabled throughput reduction of up to 50%, and you can see why WEP has such a bad reputation.

To address this part of the WLAN security problem, WPA chose Temporal Key Integrity Protocol (TKIP). TKIP takes a master key (I'll talk about where that comes from shortly) as a starting point then derives its encryption keys mathematically from the master key. TKIP then regularly changes the encryption keys so that the same encryption key is never used twice. This all happens in the background automatically, which is as it should be!

Although it'll still be standard ol' 64 and 128 bit WEP doing the actual encryption, TKIP goes a long way toward making WEP more effective as an encryption mechanism. It remains to be seen, however, whether TKIP will cause a throughput reduction. One of the sources I consulted for this article said that this was one of the issues that had made the 802.11i committee reluctant to release TKIP, and remains a significant obstacle for the real encryption fix, AES.

I've asked a number of vendors whether TKIP will cause a throughput hit, but no one has yet responded. My guess is that the answer will depend on the hardware you have, and more specifically the chipset it uses. If you presently see a throughput reduction when you enable WEP, you'll probably see an additional hit when you upgrade to WPA and TKIP starts doing its thing. Products using older Intersil PRISM or PRISM II, or Lucent / Agere Systems chipsets would be the most likely candidates for an additional throughput trim. What happens to WLAN equipment using newer chipsets (Intersil PRISM 2.5 and above, TI ACX-100, Atheros AR5001X) that presently handle WEP without flinching is anyone's guess.

But hardening WEP is only part of the WPA story. The other half is the authentication mechanism.

More Basics

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

Hi all,my Asus RT-AC86U makes no connection to my VPN Provider.Any one an idea?
I'm about to buy an RT-AX88U - and of course, put Merlin on it.I read about WAN aggregation and that LACP 802.3ad must be supported by the "modem"I ha...
I have discovered that some servers are blacklisted and checked 8 ones that I made sure of they are OK.The normal config is have a config file for all...
Does anybody know what the speed difference between Cablevision & Netgear is? I am renting the Router from Cablevision and wondered if it is cost effe...
One of my devices refuses to roam.I have a Synology RT2600ac router and Synology MR2200ac wireless point hooked together using Synology’s mesh system....

Don't Miss These

  • 1
  • 2
  • 3