Light Reading

WPA's Insecure Legacy

Light Reading
LR Mobile News Analysis
Light Reading
4/14/2003
50%
50%

A coming upgrade for the 802.11 specification that is being promoted by the Wi-Fi Alliance cannot be supported by the majority of wireless LAN equipment already in use, prompting concern among analysts and vendors that older infrastructure could still be used as a backdoor into supposedly secure new networks.

WiFi Protected Access (WPA) is being promoted by the WiFi Alliance as a solution to the security issues that have dogged the adoption of 802.11, especially in the enterprise (see 802.11 Security Issues Sorted?). WPA is a security system comprising the elements already fixed and agreed upon by the Institute of Electrical and Electronics Engineers Inc. (IEEE) security task group, including: Temporal Key Integrity Protocol (TKIP) and Counter Mode with CBC-MAC Protocol (CCMP) for over-the-air encryption, and access control standard for user authentication and encryption key distribution. It is supposed to be more secure than the current WEP (wired equivalent privacy) security standard.

Products incorporating WPA are now being tested and should be certified and available in May. However, while the move is a step in the right direction, WPA will be of no benefit to anyone using existing 802.11b (11-Mbit/s over 2.4GHz) networks. The technology can only be incorporated in new 802.11b, 802.11a (54-Mbit/s over 5GHz) and 802.11g (54-Mbit/s over 2.4GHz) products. This is leading to concerns about enterprises mixing newly ratified WPA products with original hardware, as the network can only be as secure as the weakest access point.

“There are issues with WPA backwards compatibility with some products,” confirms Ian Keene, vice president of telecommunications research at Gartner Inc. “If an enterprise or home user went for a single vendor solution then we don’t expect too many problems, but it is a problem for interoperability between different vendors.”

Such issues could cause a major headache for the growing number of enterprises rolling out wireless LAN networks to their employees (see 802.11 WLAN Shipments Double and Europe Set for WLAN Boom). “It is not going to be possible to buy WiFi-Alliance-tested WPA products that are backwards compatible with every previous product, and that could be a big obstacle,” says Keene, adding that he expects to see compatibility problems with the current crop of wireless LAN cards on the market.

The vendors Unstrung spoke to claim to be tackling the compatibility issue. “We are looking into it because there are certainly areas that need to be resolved,” says Proxim Corp.'s (Nasdaq: PROX) solutions marketing manager, Jan Buis. “We are aware of this problem. Security is the hottest issue in wireless LAN at the moment, and as a vendor we must make it our highest priority.”

“We are trying to educate the enterprise user by telling them about these issues,” comments 3Com Corp.’s (Nasdaq: COMS) international segment manager for wireless and security, Angelo Lamme. “A network, after all, can only be as secure as the weakest link.”

While no enterprise is immune to the compatibility problems, both vendors point out that it is the latest adopters of wireless LAN, rather than the earlier, tech-savvy enterprises, that require the greatest amounts of education as to the potential for security holes in the network. “The early adopters of wireless LAN accept some of the insecurities that exist today,” says Buis. “The primary reason why new security features have entered this market is because of the number of customers unwilling to use wireless LAN at present.”

In the short term, at least, vendors in this space face the task of informing users of the pitfalls involved in mixing old and new infrastructure. “This is an ongoing problem,” concludes Gartner’s Keene. “We expect it to be resolved in the next two years, but it isn’t going to happen overnight. It really depends on how well vendors can work with each other to help iron out the problems.”

These latest concerns will do little to combat the growing fear of security problems with enterprise wireless LAN use. In a recent Unstrung poll of readers, 72 percent of respondents perceived security as the major drag on wireless LAN deployment within corporations (see Poll: WLAN Has Limited Life). Recently, RSA Security added fuel to the fire by highlighting the ease with which corporate networks can be hacked (see Hackers Crack London WLANs).

— Justin Springham, Senior Editor, Europe, Unstrung

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
Flash Poll
From The Founder
Anshul Sadana answers questions from Steve Saunders, Light Reading's founder and CEO, about Arista's CloudVision, a global cloud network controller for workload orchestration and workflow automation delivering a turnkey solution for cloud networking.
Live Streaming Video
CLOUD / MANAGED SERVICES: Prepping Ethernet for the Cloud
Moderator: Ray LeMaistre Panelists: Jeremy Bye, Leonard Sheahan
LRTV Huawei Video Resource Center
Huawei ONS Product Demo

8|3|15   |   6:01   |   (0) comments


Huawei shows at Open Networking Summit 2015 in Santa Clara how its SDN and NFV solutions embrace openness.
LRTV Custom TV
End-User or Enterprise Benefits to the New IP

7|30|15   |   04:27   |   (1) comment


Andrew Coward discusses what the New IP means to end users or enterprise customers. He explains compelling reasons, including how every customer can get their own network, from the transformation to the New IP.
LRTV Custom TV
Network Visibility & the New IP

7|30|15   |   02:23   |   (0) comments


Mukund Srigopal provides an explanation of what network visibility is and how it is essential as service providers transition to the New IP. In addition, the importance of the network packet broker is discussed.
Between the CEOs
Video Exclusive With Basil Alwan, Alcatel-Lucent

7|24|15   |   26:44   |   (5) comments


Basil Alwan, President of IP Routing & Transport at Alcatel-Lucent, discusses virtualization, cultural challenges, the capex crunch and more with Light Reading founder and CEO Steve Saunders.
LRTV Custom TV
VDF: Enable the Financial With Mobile Money

7|20|15   |   06:53   |   (0) comments


Ian Ravenscroft discusses how operators can expand to occupy the entire digital services value chain through service innovation.
LRTV Custom TV
Telefónica on OSS Transformation

7|20|15   |   06:01   |   (0) comments


Jose Gonzales discusses the details of Telefónica's operation transformation program.
LRTV Custom TV
Judi Achmadi on Huawei's Cloud Storage Solution

7|20|15   |   03:33   |   (0) comments


Judi discusses the key business goals of TelekomSigma's public cloud service and how Huawei's solution helps them address challenges.
LRTV Custom TV
KPN Enlightening Digital Business & IT Transformation

7|20|15   |   06:19   |   (0) comments


Rob de Beer discusses the changes that operators need to make with service innovation now coming from the Internet world.
LRTV Custom TV
Stratus Telco-Grade Cloud Solutions & NFV

7|20|15   |   07:34   |   (0) comments


Ali Kafel from Stratus Technologies addresses high-availability concerns within the telco industry with a solution that enables telcos to provide high-availability and stateful fault-tolerance using a software-based approach.
LRTV Documentaries
The Six Million Dollar Business Man

7|20|15   |   01:52   |   (0) comments


Steve Saunders, publisher. A man barely alive after an acquisition malfunction imploded the company he founded. Gentlemen, we can rebuild Light Reading. Better, faster, stronger.
Between the CEOs
CEO Chat With Anukool Lakhina, Guavus

7|20|15   |   38:51   |   (1) comment


Guavus CEO Anukool Lakhina talks to Light Reading founder and CEO Steve Saunders about the role of operational analytics in the communications services and networking sectors, particularly in relation to IoT.
LRTV Custom TV
IBM's Flash Storage With Intel QuickAssist

7|20|15   |   03:18   |   (0) comments


Intel's Bev Crair and IBM's Eric Herzog discuss how IBM's V9000 Flash Storage System has helped customers around the world. Featuring real-time compression powered by Intel QuickAssist Technology, the V9000 is a next-gen flash storage solution.
Upcoming Live Events
September 16-17, 2015, The Westin Galleria Dallas, Dallas, TX
September 16, 2015, The Westin Galleria Dallas, Dallas, TX
September 16, 2015, The Westin Galleria Dallas, Dallas, TX
September 29-30, 2015, The Westin Grand Müchen, Munich, Germany
October 14-15, 2015, New Orleans Ernest N. Morial Convention Center, New Orleans, LA
November 5, 2015, Hilton Santa Clara, Santa Clara, CA
November 17, 2015, Santa Clara, California
December 1, 2015, The Westin Times Square, New York City
All Upcoming Live Events
Infographics
To keep up with consumers' increasing digital lifestyles, an IT system and operating model overhaul is required using a modern BSS, IES and analytics.
Hot Topics
Eurobites: Nokia Seals HERE Sale
Paul Rainford, Assistant Editor, Europe, 8/3/2015
Cable Feuds With Senate Dems Over STBs
Alan Breznick, Cable/Video Practice Leader, 7/31/2015
Predictions Are Hard, Especially About the Future
Mitch Wagner, West Coast Bureau Chief, Light Reading, 7/31/2015
Like Us on Facebook
Twitter Feed
September 22, 2015
Media Begins With “Me”
Webinar Archive
BETWEEN THE CEOs - Executive Interviews
I was pleasantly surprised when Ericsson recently agreed to let me interview its CEO, Hans Vestberg. Traditionally, mega-companies like Ericsson (or Cisco) have kept ...
Basil Alwan, President of IP Routing & Transport at Alcatel-Lucent, discusses virtualization, cultural challenges, the capex crunch and more with Light Reading founder and CEO Steve Saunders.
Cats with Phones
Comes With Free Phone Stand Click Here
Who says cats don't have any skills?