What is WLAN encryption?
WLAN encryption converts the data transmitted in a wireless network into a form that can no longer be read by unauthorized persons. Only WLAN participants who are in possession of the respective key can decrypt the data again.
Various security protocols and standards such as WEP, WPA, WPA2, TKIP, and CCMP are used to encrypt the data. The first devices with the new encryption standard WPA3 are expected before the end of 2018. WEP and WPA are now considered no longer secure and outdated. These standards should therefore no longer be used.
Why WLAN encryption is necessary
In cable-based networks, data is protected to a certain extent by the physical transmission medium. Data can only be intercepted if physical access to the cable is possible. The cables are usually laid in buildings in a protected manner and are not easily accessible to unauthorized persons.
The situation is different with a radio-based WLAN. Communication takes place via radio signals that propagate in free space. Anyone within range of the radio signals can access them. If the WLAN access point is installed inside a building, the radio signals can usually also be received outside the building in the immediate vicinity.
A simple WLAN receiver is all that is needed to intercept the data. For the operator of the WLAN, this can happen completely unnoticed, for example with a laptop in a car parked in front of the building. Unauthorized persons can thus gain access to the wireless network.
Encryption and authentication procedures exist to prevent this in the WLAN. Users of the wireless network must authenticate themselves and the transmitted data is encrypted. Without these procedures, wireless networks would not be able to operate without risk. Therefore, WLAN encryption is used in private WLANs as well as in corporate wireless networks.
A brief overview of the different encryption methods
WEP (Wired Equivalent Privacy) was the first encryption method for WLAN. Today, it is no longer considered secure and can be hacked out in a matter of minutes. WPA (Wi-Fi Protected Access) replaced WEP and used TKIP (Temporal Key Integrity Protocol) with dynamic keys.
Today, WPA is also relatively easy to attack. Currently, most WLANs use WPA2 (Wi-Fi Protected Access 2) with CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) and AES (Advanced Encryption Standard), which is secure to the best of our knowledge. WPA2 is to be supplemented by WPA3 in the near future. The first devices with this encryption standard are expected as early as 2018.
Legal aspects of WLAN encryption
A WLAN can only be operated securely if authentication and WLAN encryption are used. According to German law, authentication and encryption must be integrated. Anyone who operates a WLAN openly without protective mechanisms can be held accountable in the event of legal violations committed over the wireless network.
New WLAN devices have had to support WPA2 with CCMP and AES since 2014. However, there are still many old WLAN end devices and WLAN access points in operation in which only WEP or WPA is implemented.