Feeds

New WPA wireless security on its way

Not a moment too soon

  • alert
  • submit to reddit

The Power of One eBook: Top reasons to choose HP BladeSystem

The Register's Wireless LAN Channel

Virtually no one has a kind word to say about Wired Equivalent Privacy (WEP), the standard for securing data transmissions on Wi-Fi networks, writes Anne Zieger. WEP, which relies on cryptography that can be cracked with a half-hour of laptop time, isn't well-defended, but until recently it's all Wi-Fi fans had.

Things are due to change soon as Wi-Fi Protected Access (WPA), the next-gen Wi-Fi security standard, becomes the accepted security approach for Wi-Fi networks. WPA is giving vendors a strong incentive to roll out new Wi-Fi product lines, abandoning the previous generation of wireless networking approaches.

WPA is backed by the Wi-Fi Alliance, a vendor consortium whose membership includes Cisco, Dell, Intel, Intersil, Microsoft, Nokia, Philips, Sony, Symbol Technologies, and Texas Instruments. Offering codebreaker-hostile features like Temporal Key Integrity Protocol (TKIP), the stronger WPA makes Wi-Fi-based LANs look a lot less exposed.

Products supporting WPA, a subset of the pending 802.11i standard, have already begun appearing on the market. Dozens of vendors have already received Wi-Fi Alliance certification for WPA-based Wi-Fi access points, internal and external PC cards, wireless print servers, USB and Ethernet client adapters, and application-specific devices. The full 802.11i version, known as WPA2, should be released sometime next year, and will be compatible with the current wave of WPA technology.

Industry players say the WPA release isn't a moment too soon. WEP security, many say, is not much better than nothing at all. For one thing, WEP keys can be hacked using a number of readily available tools, including WEPCrack and AirSnort. Using TKIP, on the other hand, up to 500 trillion possible keys can be used with a given data packet, making brute-force cracking virtually impossible.

If companies want to try Wi-Fi on the cheap before they make an investment in this next generation of Wi-Fi technology, they can find open source applications for at least some Wi-Fi infrastructure pieces. Options like the OpenAP open source access point developed by Instant 802 Networks give companies a chance to play with Wi-Fi infrastructure before they pick up the check. Another effort, the linux-wlan project, is creating a complete standards-based open source WLAN infrastructure running over Linux.

Once an end-user organisation goes WPA, however, it needs to go all the way, and WEP-based open source products may not be ready with WPA versions quickly enough. Though some wireless access points offer dual-mode security using both WPA and WEP, WPA isn't directly compatible with WEP. The Wi-Fi Alliance doesn't recommend juggling the two for any length of time, as this approach leaves a network just as open as WEP alone.

If companies are using 802.1x security, they're ahead of the game. WPA relies on 802.1X authentication, working in combination with one of the standard Extensible Authentication Protocol (EAP) types, and works with several EAP subtypes, including Cisco's LEAP (Lightweight Extensible Authentication Protocol). EAP handles the presentation of users? credentials across many formats, including digital certificates, unique usernames and passwords, smart cards, and secure IDs.

Enterprises transitioning from older WLAN infrastructure to Wi-Fi, however, face a separate and potentially more difficult problem. The emergence of WPA - and the legitimacy it adds to Wi-Fi - has turned vendors off to older, proprietary WLAN technlogies. In coming months, much of the gear from leading WLAN vendors will work exclusively via Wi-Fi, rather than proprietary 900MHz or 2.4GHz implementations. Enterprises hoping to upgrade their old proprietary equipment with newer proprietary equipment, in other words, will soon be out of luck.

Looked at one way, WPA has given vendors a good excuse to roll out new Wi-Fi product lines which may - surprise! - require at least some customers to buy a lot of new equipment. At least this time, however, unlike with some waves of new technology, users get a tangible benefit from the latest cool gear. ®

© Newsforge.com

Anne Zieger is chief editor for PeerToPeerSource.com. Her work has appeared in Information Week, Byte, CIO, InfoWorld, and many other IT publications.

The Register's Wireless LAN Channel

Reducing security risks from open source software

More from The Register

next story
Motorist 'thought car had caught fire' as Adele track came on stereo
'FIRE' caption on dashboard prompts dunderheaded hard shoulder halt
Delaware pair nabbed for getting saucy atop Mexican eatery
Burrito meets soft taco in alleged rooftop romp outrage
Japanese artist cuffed for disseminating 3D ladyparts files
Printable genitalia fall foul of 'obscene material' laws
Carlos: Slim your working week to just three days of toil
'Midas World' vision suggests you retire later, watch more tellie and buy more stuff
Brit Rockall adventurer poised to quit islet
Occupation records broken, champagne corks popped
Accused! Yahoo! exec! SUES! her! accuser!, says! sex! harassment! never! happened!
Allegations were for 'financial gain', countersuit claims
Yahoo! Japan! launches! service! for! the! dead!
If you're reading this email, I am no longer alive
Plucky Rockall podule man back on (proper) dry land
Bold, barmy Brit adventurer Nick Hancock escapes North Atlantic islet
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.