|
| WEP | WPA | WPA2 |
| The main Purpose | Security is provided in contrast to wired networks | Implementation of major IEEE802.11i standards with WEP without requiring new hardware | Complete IEEE 802.11i standards are implemented with new enhancements of WPA |
| Data Privacy (Encryption) | Rivest Cipher 4 (RC4) | Temporal Key Integrity Protocol (TKIP) | Authentication is provided through chipper blocks with CCMP and AES. |
| Authentication | WEP-Open and WEP-Shared | WPA-PSK and WPA-Enterprise | WPA2-Personal and WPA2-enterprise |
| Data Integrity | CRC-32 | Data integrity is provided through Message Integrity Code. | Cipher block chaining message authentication code (CBC-MAC) |
| Key Management | Key management is not provided | The 4 way handshaking mechanism is used to provide for key management | The 4 way handshaking mechanism is used to provide for key management |
| Compatibility in terms of Hardware | Possible to deploy on current hardware infrastructure | Possible to deploy on both current and previous hardware | Older Network Interface Cards are not supported. Only the 2006 and newer. |
| Vulnerability | Vulnerable against Chopchop, Bittau’s fragmentation and DoS attacks including variety of DoS attacks. | Vulnerable against Chopchop, Ohigashi-Morii, WPA-PSK, and Dos attacks. | Vulnerable against DoS attacks due to unprotected control frames and MAC spoofing |
| Deployment in terms of complexity | Easy to deploy and configure |
| WPA-2 requires complicated setup with WPA enterprise. |
| Replay attack protection | No protection against replay attacks | Implements sequence counter for replay protection | Implementation of 48-bit datagram/packet number protects against replay attack |