ZDNet UK


Skip to Main Content

  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Mobile working Toolkit in association with http://ad.doubleclick.net/clk;209317412;17864748;n?http://www.smb.toshiba.co.uk

Better ways emerge to protect wireless data

Brien M Posey

Published: 20 Aug 2003 15:20 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

For several years now, the primary security mechanism used between wireless access points and wireless clients has been WEP encryption. The problem is that although WEP encryption strength has increased a few times since Wi-Fi was introduced, the WEP protocol is still fundamentally weak because it uses a static encryption key. As a result, motivated attackers can easily crack WEP encryption by using freely available hacking tools.

Fortunately, some standard alternatives to WEP are emerging. The Institute of Electrical and Electronics Engineers (IEEE) has defined an expansion to the 802.11 protocol that will allow for increased security. Unfortunately, the standard is presently in draft form and isn't expected to be ratified until the end of 2003. In the meantime, though, most of the Wi-Fi manufacturers have agreed to use a temporary standard for enhanced security called Wi-Fi Protected Access (WPA). Although WPA is a temporary protocol and isn't recognised by IEEE, it is very similar to the revised IEEE standard expected by the end of the year. Therefore, administrators that manage wireless LANs should become familiar with WPA.

802.1X authentication
If you have been using Wi-Fi for a while, you are probably familiar with the 802.1X authentication protocol. This protocol allows users to authenticate into a wireless network by means of a Radius Server. In standard Wi-Fi, 802.1X authentication is optional. However, 802.1X authentication is a requirement for WPA.

If your environment does not have a Radius server in place, you can still use WPA in spite of the 802.1X requirement. As an alternative to Radius, WPA supports the use of a pre-shared key.

WPA key management
One of the biggest drawbacks to traditional WEP security is that changing the encryption key is optional. Even if you do switch encryption keys from time to time, there is no option for globally re-keying all access points and all wireless NICs. Instead, re-keying is a tedious manual process and is completely impractical for large organisations. After all, the instant you re-key an access point, none of the clients will be able to access it until they are also re-keyed.

Next

Previous

1 2 3


  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
180 out of 300 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Mobile working


Company/Topic Alerts

Create a new alert from the list below:



Related Jobs

Head of PCI

Software Technical Lead

Wireless Business Developer, WI-FI, GSM, Cambridge

Related Toshiba Resources

Toshiba Laptop Buyers' Guide

Toshiba Website

See All White Papers

On The Road Blog

HTC G1 Camera Phone

Now for some years, I have noticed that HTC doesn't make very good camera phones. They have been trying to shed some light on why it takes such gawdawful pictures but I don't think... More

Post a comment

Sony Ericsson Xperia X1

Phones are not my usual choice of bloging material but this phone really did impress me! The superb webpage video episode layout does a good job to show you what's possible with windows... More

2 comments

Mysterious black radio ops in London

I had just popped out of our Southwark offices for a moment at lunchtime when a most peculiar vehicle swanned past. It was a shiny black Ford Mondeo estate, but the roof was studded... More

9 comments