When it comes to keeping your router – and its connection – secure, you can choose between two primary encryption methods – TKIP and AES. But which is more secure? In this blog, we'll take a look at each option to determine just that.
Router security in a nutshell
Before you encounter TKIP and AES encryption, if you're establishing a wireless network you'll first need to choose between the Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and Wi-Fi Protected Access II (WPA2) algorithms. This isn't a choice to be made lightly – no closing your eyes and throwing a dart – because selecting the wrong algorithm can create a sluggish, unsafe network.
The oldest protocol in the pile is WEP, and it's now considered to be lacking necessary security measures – as is WPA, which was introduced as a temporary solution to the situation before being replaced, in turn, by WPA2 in 2006. WPA2 has its fair share of issues and vulnerabilities despite being the shiniest, newest option, but it's still the best pick of the bunch.
So, now that we've decided to go with WPA2, we can turn our attention to the real conundrum – WPA2-AES or WPA2-TKIP? Essentially, AES (Advanced Encryption Standard) and TKIP (Temporal Key Integrity Protocol) are the different types of encryption you can use on WPA2 networks.
Which is more secure – AES or TKIP?
TKIP was introduced around the same time as WPA to serve a similar function – namely to act as a patch and replace the weak WEP encryption protocol. At the time, this fresh TKIP encryption upgrade was significant – but time has also seen its effectiveness erode away. Because TKIP encryption isn't so different to WEP encryption, it's considered just as unsecure and vulnerable to attackers.
AES, on the other hand, is newer, more secure, and used by the WPA2 algorithm. You'll see AES encryption used all over the web – even the U.S. government has even implemented it. AES encryption is a sturdy, serious protocol that can be 128-bit, 192-bit, or 256-bit – a figure that denotes the amount of data scrambling and how many subsequent potential combinations would exist, a daunting thought for anyone attempting to break encryption. Though AES it is somewhat susceptible to brute-force attacks (which is why having a strong password is so important!), it would still take an astronomically huge amount of time to crack even a 128-bit cipher, and we're talking billions of billions of billions of years, here.
Which is faster – AES or TKIP?
The answer is pretty straightforward, seeing as WPA algorithms and TKIP encryption can slow your WiFi network to a crawl. In addition to being outdated and unsecure, TKIP is infamous for slowing systems that still use it. A new 802.11n router will want to default to WPA2-AES encryption, but if you go with WPA-TKIP instead, your speeds will decrease significantly.
So, not only is WPA2-AES far more secure, but it's far faster, too. 802.11n routers using WPA2-AES can see speeds touching 300mbps, and in absolutely perfect conditions, are even capable of achieving 3.46gbps.
Conclusion
The numbers don't lie, and you won't want to take chances with your router's security, so go with AES encryption! AES is compatible with just about every device and can support faster speeds, too.
WPA-TKIP did its job well enough, providing a then-secure alternative to weak WEP encryption whilst WPA2-AES was being cooked up. But now that WPA2-AES is readily available, there's no real need to revert back to using TKIP – your WiFi network will be securer and quicker, and you'll be able to enjoy the web knowing you've got the best possible encryption watching your back. If you want to learn more check out our guide to internet encryption types.