Ethan Chiu My personal blog

Is WPA2 Really Secure? (Part 1)

After realizing that my own WPA2 home network had recently been compromised, I wondered how easy it really is to break into a WPA2 network. I had heard about brute-force methods, but nothing fast and efficient enough to crack a network in practice.

Let me take a step back. Before there was WPA2, there was WEP. WEP stands for “Wired Equivalent Privacy”. WEP, like WPA2, was invented to protect Wi-Fi networks so that they would be as secure as a wired Ethernet connection. Before WEP (now we are going way back), network sniffer programs could tap into Wi-Fi networks with no barriers at all.

The basic premise of WEP was simple: create a key made up of hexadecimal digits. To access a WEP network, a client had to have the same WEP key as the router. There were two versions of WEP: 64 bit (a 10-digit key) and 128 bit (a 26-digit key).

Ok, so why were WEP networks so vulnerable? There were many flaws, starting with how it is set up. One quick example is that WEP uses the RC4 encryption algorithm, which is a stream cipher. Stream ciphers are vulnerable to tampering because an intruder can flip a bit in the ciphertext and the corresponding bit of the plaintext flips with it. I won’t delve too deeply into the flaws of WEP, but this research paper from the University of California, Berkeley explains it well:
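The bit-flipping property described above is easy to see in code. The following is an added example, not code from the original post; it uses a toy XOR stream cipher keyed by SHAKE-256 (a stand-in for RC4, which is deprecated) and a constructed message. It shows that flipping one ciphertext bit silently flips the matching plaintext bit, and that the mitigation is a keyed integrity check (here HMAC-SHA256) rather than the unkeyed CRC-32 that WEP relied on. The key bytes and message are made up for the demonstration.

```python
import hmac
import hashlib

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


def keystream(key: bytes, length: int) -> bytes:
    """Toy keystream generator (SHAKE-256 XOF). Stands in for RC4; the
    malleability shown below applies to any XOR-based stream cipher."""
    return hashlib.shake_256(key).digest(length)


def stream_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt by XORing plaintext with the keystream."""
    ks = keystream(key, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


# XOR is its own inverse, so decryption is the same operation.
stream_decrypt = stream_encrypt


def flip_bit(data: bytes, byte_index: int, bit: int) -> bytes:
    """Return a copy of data with one bit toggled (simulates tampering in transit)."""
    out = bytearray(data)
    out[byte_index] ^= 1 << bit
    return bytes(out)


def tampered_plaintext(key: bytes, plaintext: bytes, byte_index: int, bit: int) -> bytes:
    """Encrypt, flip one ciphertext bit, decrypt. Without a keyed integrity
    check the receiver gets a plaintext with exactly that bit flipped."""
    ct = stream_encrypt(key, plaintext)
    return stream_decrypt(key, flip_bit(ct, byte_index, bit))


def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: ciphertext followed by an HMAC-SHA256 tag over it."""
    ct = stream_encrypt(enc_key, plaintext)
    tag = hmac.new(mac_key, ct, hashlib.sha256).digest()
    return ct + tag


def open_sealed(enc_key: bytes, mac_key: bytes, msg: bytes):
    """Verify the tag in constant time before decrypting; None means tampered."""
    if len(msg) < TAG_LEN:
        return None
    ct, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return stream_decrypt(enc_key, ct)


if __name__ == "__main__":
    enc_key = b"constructed-enc-key"   # made-up demo key
    mac_key = b"constructed-mac-key"   # made-up demo key
    message = b"PAY 100 TO BOB"        # constructed sample plaintext

    # Byte 4 is the '1' (0x31); clearing bit 0 turns it into '0' (0x30).
    print(tampered_plaintext(enc_key, message, 4, 0))  # -> b'PAY 000 TO BOB'

    sealed = seal(enc_key, mac_key, message)
    print(open_sealed(enc_key, mac_key, sealed))             # -> b'PAY 100 TO BOB'
    print(open_sealed(enc_key, mac_key, flip_bit(sealed, 4, 0)))  # -> None
```

The first call shows the attack surface: the ciphertext bit flip lands exactly on the plaintext character, turning "100" into "000" with no key knowledge. The sealed variant rejects the same modification because the HMAC tag no longer matches, which is the property WEP's CRC-based check lacked and that later protocols provide with a keyed MAC.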

Next time, I will talk about the exciting new research from the past 2 years that reveals the unfortunate vulnerabilities of WPA2. (But don’t worry. If you have a long and complex password, you will most likely not be hacked!)