Real Security for Wireless LANs

We take a look at the new security standard for wireless LANs: Wi-Fi Protected Access.

Have you stayed away from wireless LANs (WLANs) because of their notorious lack of security? If so, its time to take another look. The Wi-Fi Alliance, which tests and certifies products based on the 802.11 specification, recently approved a new security standard called Wi-Fi Protected Access (WPA), which addresses just about every WLAN vulnerability.

The standard Wired Equivalent Privacy (WEP) security most WLAN products currently offer provides only rudimentary protection, as it uses a single static 40- or 128-bit key for both encryption and authentication. This key is shared by everyone on the WLAN. For medium and large networks, WEP is a major management burden, because administrators must enter WEP key information manually on every single WLAN-enabled device. And despite all that effort, anyone can crack WEP using one of a number of utilities available for free on the Web.

Enterprise WLAN vendors have scrambled to offer their own, more robust security solutions for their hardware, but such proprietary solutions usually dont interoperate with those from other vendors. Thats why the Wi-Fi Alliance and the IEEE developed WPA, which will provide strong security in mixed-vendor environments, including WLAN hot spots in places like airport lounges and Starbucks coffeehouses.

For the whole story, check out the PC Magazine article.