Quick Hits: Wireless LAN Security

By Francis Chu  |  Posted 2003-06-16 Print this article Print

The WPA (Wi-Fi Protected Access) standard, ratified last year by the Wi-Fi Alliance, will be making its way into products this summer.

  • The WPA (Wi-Fi Protected Access) standard, ratified last year by the Wi-Fi Alliance, will be making its way into products this summer. WPA provides a significant (if temporary) security boost for Wi-Fi networks by enhancing encryption and authentication capabilities while maintaining backward compatibility. This will allow companies to gradually migrate WEP (Wired Equivalent Privacy)-based networks to WPA. For more information, go to www.weca.net/opensection/ protected_access.asp.

  • In March, Microsoft Corp. announced a new WPA security patch for the Windows XP operating system. The patch allows support of WPA-enabled wireless networking devices with the Wireless Zero Configuration service. The patch can be downloaded for free (microsoft.com/downloads/details.aspx?FamilyId=009D8425-CE2aB-47A4-ABEC-274845DC9E91&displaylang=en), and plans for WPA support in Windows Server 2003 are in the works.

  • The IEEE (www.ieee.org) 802.11x standard provides user authentication and port-based access control in a three-component framework and is optional in WEP implementations. WPA requires 802.11x authentication using EAP (Extensible Authentication Protocol) and RADIUS (Remote Authentication Dial-in User Service) servers, or preshared keys. 802.11x authenti- cation brings much better access control and security breach assessment capabilities to WLANs.

  • The IEEE is completing the draft of the 802.11i standard, which is intended to address every flaw in 802.11 security. In fact, the WPA standard is taken from a subset of features found in 802.11i. The completed 802.11i standard will offer stronger encryption algorithms using AES (Advanced Encryption Standard) and new privacy protocols, as well as a robust hierarchical key management scheme.

  • The 802.11i standard will require new chip sets to address the processing power required when using AES encryption, and the standard is not designed to be backward-compatible with existing 802.11 hardware. 802.11i is expected to be ratified at the end of this year, and products are currently forecast for early next year.

  • On the radio technology side, 802.11b is the most widely used WLAN standard, and its this radio type thats most frequently being built into mobile computers and offered at public hot-spot locations. However, as companies extend access to denser, more numerous and more demanding groups of WLAN users, they may find that 802.11a- and 802.11g-based radio technologies are a better fit.


    Submit a Comment

    Loading Comments...
    Manage your Newsletters: Login   Register My Newsletters

    Rocket Fuel