WPA vs WEP: How Do Wi-Fi Security Protocols Differ?
Compare WEP, WPA, WPA2, and WPA3 Wi-Fi security — why WEP is broken and how WPA3 improves encryption, with interview Q&A.
Expected Interview Answer
WEP (Wired Equivalent Privacy) is a deprecated, cryptographically broken Wi-Fi security protocol using a static RC4 key that can be cracked in minutes, while WPA (Wi-Fi Protected Access) and its successors WPA2 and WPA3 use stronger, evolving cryptography — AES-based encryption and per-session keys — that remain practical to use securely today.
WEP relies on RC4 stream cipher encryption with a small, static key and a short initialization vector that repeats often enough for an attacker to statistically recover the key by capturing enough traffic, meaning any WEP network can be broken in minutes with freely available tools. WPA was introduced as a stopgap fix using TKIP, which rotated keys per packet to patch WEP’s flaws without requiring new hardware, but TKIP itself is now considered weak. WPA2 replaced TKIP with AES-CCMP, a genuinely strong block cipher, and became the long-standing standard, though its four-way handshake was vulnerable to offline dictionary attacks against weak passwords and to the KRACK key-reinstallation attack. WPA3 closes those gaps with Simultaneous Authentication of Equals (SAE), a password-authenticated key exchange resistant to offline dictionary attacks, plus mandatory forward secrecy so capturing one session’s traffic does not compromise past sessions. Any network still running WEP, or even WPA with TKIP, should be treated as effectively unencrypted from a security standpoint.
- WPA2/WPA3 use AES-based encryption instead of broken RC4
- Per-session and per-packet key derivation prevents key reuse attacks
- WPA3 SAE resists offline dictionary attacks against weak passwords
- WPA3 provides forward secrecy so a leaked key does not expose past sessions
AI Mentor Explanation
WEP is like a team using the exact same simple hand signal every single match for years, so opposing analysts eventually decode the pattern just by watching enough games. WPA is an early fix where the team changes the signal slightly each over, which helps but analysts can still crack it with enough patience. WPA2 and WPA3 are like switching to a genuinely randomized signal system generated fresh for every match, with WPA3 adding protection so even if one match’s signals are somehow recorded, no past match can be decoded from it.
Step-by-Step Explanation
Step 1
WEP (broken)
Uses static RC4 keys and short IVs that repeat, allowing statistical key recovery in minutes.
Step 2
WPA (TKIP)
Software-patchable fix that rotates keys per packet, but TKIP is now itself considered weak.
Step 3
WPA2 (AES-CCMP)
Adopts a genuinely strong block cipher, though the four-way handshake is vulnerable to offline dictionary and KRACK attacks.
Step 4
WPA3 (SAE)
Uses password-authenticated key exchange resistant to offline dictionary attacks, with mandatory forward secrecy.
What Interviewer Expects
- Knows WEP is fundamentally broken and should never be used
- Explains the WEP -> WPA(TKIP) -> WPA2(AES) -> WPA3(SAE) progression
- Understands forward secrecy and why WPA3 provides it
- Aware of real attacks: WEP key recovery, WPA2 KRACK, dictionary attacks on weak passwords
Common Mistakes
- Assuming WPA and WPA2 are interchangeable in strength
- Not knowing WEP can be cracked in minutes regardless of password length
- Thinking a strong Wi-Fi password alone compensates for using WEP
- Confusing WPA-Personal (PSK) with WPA-Enterprise (802.1X) authentication modes
Best Answer (HR Friendly)
“WEP was the earliest Wi-Fi security standard, and it turned out to be so weak that it can be cracked in minutes with free tools, so it should never be used today. WPA, and especially WPA2 and the newer WPA3, replaced it with much stronger encryption that actually holds up, with WPA3 adding extra protection against password-guessing attacks and ensuring that even a compromised key later cannot unlock traffic captured in the past.”
Code Example
# Linux: inspect the security protocol of nearby networks
nmcli device wifi list
# Example output columns include:
# SSID SECURITY
# HomeNet WPA2
# OldRouter WEP
# Any SSID showing WEP or WPA(TKIP-only) should be treated as insecureFollow-up Questions
- What is the KRACK attack and which protocol does it target?
- How does WPA3’s SAE handshake resist offline dictionary attacks?
- What is the difference between WPA-Personal and WPA-Enterprise?
- Why is a weak pre-shared key still a risk even on WPA2/WPA3?
MCQ Practice
1. Why is WEP considered cryptographically broken?
WEP's small IV space causes IV reuse, letting attackers statistically recover the RC4 key.
2. What cipher does WPA2 use that WEP lacked?
WPA2 uses AES in CCMP mode, a genuinely strong block cipher, replacing WEP's broken RC4.
3. What key advantage does WPA3's SAE provide over WPA2's handshake?
SAE is a password-authenticated key exchange designed to resist offline dictionary attacks.
Flash Cards
Why is WEP insecure? — Static RC4 keys with short, reused IVs allow statistical key recovery within minutes.
What cipher does WPA2 use? — AES in CCMP mode, replacing WEP's broken RC4 stream cipher.
What does WPA3 add over WPA2? — SAE key exchange resistant to offline dictionary attacks, plus mandatory forward secrecy.
What attack targets WPA2's handshake? — KRACK (key reinstallation attack) and offline dictionary attacks on weak passwords.