kluisi join:2006-03-23 Ashburn, VA | WPA2 vs WPA
I just redid my home network so that I could connect my AV gear to the internet as well, and to do that I added two Linksys WRT54G routers (one v3 and one v5) running DD-WRT firmware. The network currently consists of a desktop (connected to the WRT54G v3 with a Linksys wireless card), two Android smartphones (also connected with WiFi), a wireless-to-wired bridge (the WRT54G v5) with the TV and PS3 connected to it, a wireless access point (the WRT54G v3), and the Verizon FIOS router (Actiontec MI424) to provide the actual internet connection to the network. All devices have static IPs and the wireless connections are set to use WPA2 security.
I am having a problem with dropouts on the wireless and I am not sure why, but they seem to have started when I switched to WPA2. I am considering going back to WPA, but I wanted to know what settings I should use in order to help get security that is almost as good as WPA2 with WPA. I am already using a very long and very random passphrase.
Anyone have any suggestions? Thanks. |
|
Jason (Look ma, No brains) Premium,Mod join:2001-01-24 38.2967 Lat kudos:3 Host: Wireless Security
| »compnetworking.about.com/b/2010/···rity.htm
It looks like WPA2 doesn't allow TKIP, due to its known limitations, and WPA2 has beefier encryption that, while making it more secure, can tax the processors in the wireless device and possibly slow down overall network traffic.
I guess it comes down to a personal choice. If you go with WPA, it looks like WPA-PSK would be the more secure choice.
-- When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl. |
|
kluisi join:2006-03-23 Ashburn, VA |
I don't so much care about the processor taxing and the possible slow-down in network traffic. We're not really doing anything BW intensive anyway, but I cannot stand the dropouts. When it drops, the only way to get everything back is some combination of router resets, or wireless adapter repairs on the Windows XP desktop wireless adapter. It happens so much too that we have resorted to laying a long Ethernet cable all the way across our house to connect the computer to the router. Not ideal.
All things equal, I would love to use WPA2 for the additional security, but unless I can get it to be more reliable I may be forced to downgrade (if that even ends up being better). If I do downgrade though, I want to make sure that I am still reasonably protected.
Thanks for the WPA-PSK suggestion. I'll try that when I get the chance to switch. |
|

approval from: Jason 
| said by kluisi: I don't so much care about the processor taxing and the possible slow-down in network traffic. We're not really doing anything BW intensive anyway, but I cannot stand the dropouts. When it drops, the only way to get everything back is some combination of router resets, or wireless adapter repairs on the Windows XP desktop wireless adapter. It happens so much too that we have resorted to laying a long Ethernet cable all the way across our house to connect the computer to the router. Not ideal.
All things equal, I would love to use WPA2 for the additional security, but unless I can get it to be more reliable I may be forced to downgrade (if that even ends up being better). If I do downgrade though, I want to make sure that I am still reasonably protected.
Thanks for the WPA-PSK suggestion. I'll try that when I get the chance to switch.

WPA-PSK (pre-shared key, what you are doing right now) with TKIP is the least secure method. WPA-PSK with AES is the best you can do without a RADIUS server.
WPA-enterprise with AES, using a RADIUS server and some kind of EAP protocol, is the best. |
|
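An added example, not part of any post in this thread: WPA-PSK and WPA2-PSK both turn the passphrase and SSID into the same 256-bit pairwise master key (PBKDF2-HMAC-SHA1, 4096 iterations), so the passphrase does the same job in either mode and the TKIP/AES setting only changes the cipher that protects the frames. The function names, the 62-character alphabet and the sample SSID are assumptions made for this sketch.

```python
import hashlib
import math
import secrets
import string

# Characters allowed in a WPA/WPA2 passphrase: printable ASCII 32..126.
PRINTABLE = {chr(c) for c in range(32, 127)}
# Alphabet used by the generator below (62 symbols; an arbitrary choice).
ALPHABET = string.ascii_letters + string.digits


def validate_passphrase(passphrase: str) -> None:
    """Raise ValueError unless the passphrase is 8..63 printable ASCII chars."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters long")
    if not set(passphrase) <= PRINTABLE:
        raise ValueError("passphrase must be printable ASCII")


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes).

    Identical for WPA-PSK and WPA2-PSK; TKIP vs AES-CCMP only changes how
    the session keys derived from this PMK protect the frames.
    """
    validate_passphrase(passphrase)
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid_bytes, 4096, 32)


def random_passphrase(length: int = 32) -> str:
    """Generate a passphrase from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Entropy of a uniformly random passphrase, capped at the 256-bit PMK."""
    return min(256.0, length * math.log2(alphabet_size))


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    demo = random_passphrase(32)
    print("passphrase:", demo, "entropy bits:", round(entropy_bits(32), 1))
    print("PMK:", derive_pmk(demo, "example-ssid").hex())
```

The entropy figure only holds for passphrases drawn uniformly at random; a human-chosen phrase of the same length carries far less.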
lutful Premium join:2005-06-16 Ottawa, ON
| reply to Jason
said by Jason: I guess it comes down to a personal choice. If you go with WPA, it looks like WPA-PSK would be the more secure choice.

WPA-PSK is really glorified WEP and any length pass-phrase can be cracked using FPGA-based hacking systems.
That is why WPA2-PSK implementation has been mandatory to get Wi-Fi certification since 2006. Required AES encryption is available on even older Broadcom chips but his DD-WRT firmware setup may have disabled it. |
|
| reply to kluisi
Arguments for WPA being cracked aside, several WPA2 implementations I've seen do allow either TKIP or AES to be explicitly configured. Whether this is standard or not, I'm not sure.
Are there any logs from DD-WRT that may explain what's happening during the dropouts? What about something like NetStumbler / inSSIDer in regards to wireless strength? Another obvious one is ensuring you have the latest (stable) drivers / firmware running.
Regards |
|
lutful Premium join:2005-06-16 Ottawa, ON
| said by HELLFIRE: several WPA2 implementations I've seen do allow either TKIP or AES to be explicitly configured. Whether this is standard or not, I'm not sure.

IEEE and Wi-Fi Alliance require 128-bit AES encryption and all modern WiFi chips implement AES in hardware.
Vendors providing a TKIP option may be using the 64-bit RC4 encryption core available in older chips or doing RC4 very slowly in firmware. |
|