Reply
garywi
Posts: 17
Registered: ‎08-02-2006

TKIP, AES or TKIP+AES

What encryption should I use?  Also, WEP or WEP2?
 
I find wireless PC is slow with WEP2/AES.
 
Thanks
toomanydonuts
Posts: 6,365
Registered: ‎09-16-2006

Re: TKIP, AES or TKIP+AES

[ Edited ]
Ideally, you should use WPA2 with AES.  If you cannot get this to work, a satisfactory alternative is WPA with TKIP.  WEP is no longer recommended.
 
The option of WPA2 with "TKIP or AES" allows you to run a mixed system:  Those devices that can do WPA2 with AES will use that system, less advanced devices (such as PDA's) that can only do WPA will do WPA with TKIP.
 
If you are having trouble with WPA2 you should note the following:
 
1) make sure you have the latest driver for your wireless adapter
 
2)  Windows XP requires a patch to run WPA2. Go to Microsoft Knowledge base, article ID=893357 and it will direct you to the patch.
Sadly, the patch is not part of the automatic Windows XP updates, so lots of people are missing the patch.

Message Edited by toomanydonuts on 06-13-200711:12 PM

rf53
Posts: 20
Registered: ‎01-06-2008

Re: TKIP, AES or TKIP+AES

I am currently configured for WPA personal with TKIP.  From what I read, I may want to go with WPA2 with AES.  Before making this change how do I check my equipment to ensure that it will support the change?  Also, out of curiosity, why should the change be made from a computer wired to the router?  Thanks.
toomanydonuts
Posts: 6,365
Registered: ‎09-16-2006

Re: TKIP, AES or TKIP+AES

[ Edited ]
WPA2 encryption is only used for wireless connections.  Computers that are wired to the router are not effected by this setting, and therefore do not need any updates when you change to WPA2.
 
However, your wireless equipment and wireless computers will need to be compatible with WPA2, in order for you to use WPA2.
 
Any wireless equipment capable of wireless  g or n, should be able to do WPA2, except perhaps for some of the original wireless g models that were sold several years ago.  Most wireless b will not do WPA2.  Also, many PDAs, and other small wireless network devices can only do WPA.
 
Check each of your wireless devices, and see what encryption methods they support.  If there is a question about any device, you will need to check the manufacturer's web site for the specs, to see if the device supports WPA2.   If WPA2 was not supported in the original specs, then check for updated firmware or drivers, because sometimes support for WPA2 was added after the product was released.
 
If all of your wireless equipment supports WPA2, then set the router for WPA2 with AES.
 
If some of your wireless devices can do WPA2, but others can only do WPA, then set the router for WPA2 with "TKIP or AES"  (sometimes listed as "TKIP + AES", or "TKIP and AES" ).    This will allow WPA2 devices to connect with WPA2, and WPA devices to connect with WPA, all at the same time.
 
Since my last post in this thread, the Windows WPA2 patch has changed.
Go to Microsoft Knowledge base, article ID=917021 and it will direct you to the patch.  Sadly, the patch is not part of the automatic Windows XP updates, so lots of people are missing the patch.


Message Edited by toomanydonuts on 03-02-2008 06:32 PM
vincekezel
Posts: 1
Registered: ‎04-16-2011

Re: TKIP, AES or TKIP+AES

Just tested throughput with iperf and wanted to share my results:

WPA2 PSK AES : 22.2 Mbps
WPA2 PSK TKIP : 20.9 Mbps
no wifi security: 22.2 Mbps

 

Ran ipref 3 times for each test and took the average. (they were all close anyways)