Ratified last year by the Wi-Fi Alliance, WPA addresses the security vulnerabilities found in WEP-enabled 802.11 WLANs. For example, WPA-compliant products will include dynamic key generation, as well as an improved RC4 data encryption scheme that uses TKIP (Temporal Key Integrity Protocol) and mandatory 802.1x authentication.
WPA provides a much-enhanced RC4 encryption implementation through TKIP. TKIP makes the data packets more secure and is backward-compatible with WEP, although it also creates performance overhead. WPA also uses a new cryptographic checksum method called Michael that verifies the validity of an 8-byte message integrity code placed within the 802.11 frame to protect against forgery attacks.
The link for this article located at eWeek is no longer available.