|
On Thursday the Wi-Fi Alliance unveiled its latest security specifications for 802.11b networks, or Wi-Fi, after months of crushing criticism for the existing -- and easy-to-circumvent -- WEP (Wired Equivalent Privacy) standard.
The organisation's new technology is called Wireless Protected Access (WPA) and it will be an optional add-on for Wi-Fi equipment starting in February. By August 2003 WPA is expected to become a mandatory standard in all approved Wi-Fi equipment. Most vendors are expected to offer firmware and software updates for "Wi-Fi Certified" products currently in use, the Alliance said.
The primary improvement that WPA offers over WEP is an enhanced encryption technology called TKIP (Temporal Key Integrity Protocol), which is much tougher to break than the static key encryption system in WEP. Additionally, the encryption process itself is protected by a password, a feature not included in WEP.
"Enterprises, small businesses and home users need a stronger standards-based security solution than WEP and they need it now," said Wi-Fi Alliance chairman Dennis Eaton. "Security is, and will continue to be, the highest priority for the Wi-Fi Alliance and for the industry." Eaton said the Wi-Fi Alliance worked with the Institute of Electrical and Electronics Engineers (IEEE) 802.11 Standards Working Group for Wireless Local Area Networks (WLANS) to produce the new security solution.
However, it is understood that the replacement for WEP is only a temporary fix for the nagging problem of Wi-Fi security. Sometime in late 2003 the IEEE is set to introduce a much beefier security standard called 802.11i, which will incorporate WPA features. "WPA will meet the needs of both manufacturers and customers for the foreseeable future and the IEEE will also continue its work on the full 802.11i amendment, which is expected to be completed mid-next year," commented Stuart J Kerry of the IEEE 802.11 Standards Working Group.
WEP was heavily criticised by information security experts, particularly after free software tools such as AirSnort were made available on the Net, allowing would-be attackers to quickly crack into wireless networks that extended beyond the confines of home or office. Placing Wi-Fi networks behind a corporate firewall offered greater levels of protection, experts concluded, but multiple surveys in the US and Europe have shown that a huge proportion of wireless networks remain completely unsecured.
Despite its security weaknesses, however, the popularity of wireless LAN technology continues to grow. According to research body Gartner Dataquest, worldwide wireless LAN shipments should increase by 73 percent in 2002, while revenue will increase 26 percent. Gartner predicts that by 2003, WLAN shipments will total 26.5 million units, up from 15.5 million units in 2002, while revenue will reach almost USD2.8 billion in 2003, compared to USD2.1 billion in 2002. Gartner analysts say the market will continue to experience healthy growth through to 2007.
|
