What's in WPA?
As mentioned last time, the Wi-Fi Protected Access security suite that will be required for Wi-Fi certification of wireless LAN products next year contains many of the components of the formal security standards nearing ratification by the IEEE 802.11 Task Group I.
Upgrading to the WPA suite requires software changes to access points and clients, which will likely be made available for a nominal fee by most vendors. A mixed network can run with WPA and its predecessor, Wired Equivalent Privacy (WEP), both installed. However, security in these networks will default to WEP, which offers less protection.
WPA contains the pieces of 802.11i that are closest to final approval, so few, if any, software changes should be required when 802.11i becomes "real."
One 802.11i component not required in WPA is Advanced Encryption Standard (AES) support. AES will replace 802.11's RC4-based encryption under 802.11i specifications.
Migrating to AES encryption, though, will require hardware changes, so this has been deferred by the Wi-Fi Alliance until the formal standard is in place to give vendors and customers some breathing room. But 802.11i will require hardware changes regardless of whether WPA gets deployed over the next year or not.
So do you want to protect your networks now or wait to better secure them until 802.11i products emerge in the second quarter of 2004? You can also use third-party proprietary products in the interim, which we'll discuss here at a later date.
Here are the components included in WPA and 802.11i:
* 802.1x authentication framework.
* AP-to-client communications security.
* Key hierarchy.
* Key management.
* Cipher and authentication negotiation.
* Temporal Key Integrity Protocol, which rotates encryption keys on a per-packet basis and provides other important functions.
Here's what will still be left to add when 802.11i is commercially deployed:
* AES.
* Preauthentication (a strength when voice quality of service is required).
* Peer-to-peer communications security.
Products supporting WPA will be labeled "Wi-Fi WPA-certified." When 802.11i is a standard, products will be labeled as "Wi-Fi WPA2-certified."
But a Wi-Fi Alliance spokesperson makes no bones about security always being a work in progress.
"First you make it, then someone breaks it, then you fix it. And so on. There's never really an end point," he notes.
No argument here. What that means is, in the future, we'll likely see WPA3, WPA4...
Joanie Wexler is an independent networking technology writer/editor in Campbell, Calif., who has spent most of her career analyzing trends and news in the computer networking industry. She welcomes your comments on the articles published in this newsletter, as well as your ideas for future article topics. Reach her at joanie@jwexler.com.
