Light Reading

WPA's Insecure Legacy

Light Reading
LR Mobile News Analysis
Light Reading
4/14/2003
50%
50%

A coming upgrade for the 802.11 specification that is being promoted by the Wi-Fi Alliance cannot be supported by the majority of wireless LAN equipment already in use, prompting concern among analysts and vendors that older infrastructure could still be used as a backdoor into supposedly secure new networks.

WiFi Protected Access (WPA) is being promoted by the WiFi Alliance as a solution to the security issues that have dogged the adoption of 802.11, especially in the enterprise (see 802.11 Security Issues Sorted?). WPA is a security system comprising the elements already fixed and agreed upon by the Institute of Electrical and Electronics Engineers Inc. (IEEE) security task group, including: Temporal Key Integrity Protocol (TKIP) and Counter Mode with CBC-MAC Protocol (CCMP) for over-the-air encryption, and access control standard for user authentication and encryption key distribution. It is supposed to be more secure than the current WEP (wired equivalent privacy) security standard.

Products incorporating WPA are now being tested and should be certified and available in May. However, while the move is a step in the right direction, WPA will be of no benefit to anyone using existing 802.11b (11-Mbit/s over 2.4GHz) networks. The technology can only be incorporated in new 802.11b, 802.11a (54-Mbit/s over 5GHz) and 802.11g (54-Mbit/s over 2.4GHz) products. This is leading to concerns about enterprises mixing newly ratified WPA products with original hardware, as the network can only be as secure as the weakest access point.

“There are issues with WPA backwards compatibility with some products,” confirms Ian Keene, vice president of telecommunications research at Gartner Inc. “If an enterprise or home user went for a single vendor solution then we don’t expect too many problems, but it is a problem for interoperability between different vendors.”

Such issues could cause a major headache for the growing number of enterprises rolling out wireless LAN networks to their employees (see 802.11 WLAN Shipments Double and Europe Set for WLAN Boom). “It is not going to be possible to buy WiFi-Alliance-tested WPA products that are backwards compatible with every previous product, and that could be a big obstacle,” says Keene, adding that he expects to see compatibility problems with the current crop of wireless LAN cards on the market.

The vendors Unstrung spoke to claim to be tackling the compatibility issue. “We are looking into it because there are certainly areas that need to be resolved,” says Proxim Corp.'s (Nasdaq: PROX) solutions marketing manager, Jan Buis. “We are aware of this problem. Security is the hottest issue in wireless LAN at the moment, and as a vendor we must make it our highest priority.”

“We are trying to educate the enterprise user by telling them about these issues,” comments 3Com Corp.’s (Nasdaq: COMS) international segment manager for wireless and security, Angelo Lamme. “A network, after all, can only be as secure as the weakest link.”

While no enterprise is immune to the compatibility problems, both vendors point out that it is the latest adopters of wireless LAN, rather than the earlier, tech-savvy enterprises, that require the greatest amounts of education as to the potential for security holes in the network. “The early adopters of wireless LAN accept some of the insecurities that exist today,” says Buis. “The primary reason why new security features have entered this market is because of the number of customers unwilling to use wireless LAN at present.”

In the short term, at least, vendors in this space face the task of informing users of the pitfalls involved in mixing old and new infrastructure. “This is an ongoing problem,” concludes Gartner’s Keene. “We expect it to be resolved in the next two years, but it isn’t going to happen overnight. It really depends on how well vendors can work with each other to help iron out the problems.”

These latest concerns will do little to combat the growing fear of security problems with enterprise wireless LAN use. In a recent Unstrung poll of readers, 72 percent of respondents perceived security as the major drag on wireless LAN deployment within corporations (see Poll: WLAN Has Limited Life). Recently, RSA Security added fuel to the fire by highlighting the ease with which corporate networks can be hacked (see Hackers Crack London WLANs).

— Justin Springham, Senior Editor, Europe, Unstrung

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
Flash Poll
Wagner’s Ring
Data Centers Drive Telcos Into the Future

8|28|14   |   2:20   |   (2) comments


Data centers are at the heart of key trends driving telecom -- network virtualization, the drive for increased agility, and the need to compete with OTT providers.
LRTV Custom TV
Why SPs Should Consider Cisco's EPN

8|27|14   |   5:40   |   (0) comments


Sultan Dawood from Cisco discusses Cisco's EPN, which enables SPs to build agile and programmable networks delivering new network virtualized services using Cisco's Evolved Services Platform (ESP).
LRTV Huawei Video Resource Center
Huawei’s Showcase @ Big Telecom Event 2014

8|26|14   |   2.56   |   (0) comments


SoftCOM is Huawei's framework for telecom business and network transformation. Haofei Liu, Solution Marketing Manager, Carrier Business Group, Huawei, showcases Huawei's SoftCOM architecture in this video.
LRTV Huawei Video Resource Center
Huawei @ BTE 2014: Director of Integrated Solutions on SoftCOM & NFV Monetization

8|26|14   |   4.43   |   (0) comments


Libin Dai, Director of Integrated Solutions, Carrier Business Group, discusses Huawei's SoftCOM and NFV monetization. Huawei believes that NFV monetization should be service-driven rather than network-driven, and that operators should have network transformation, service transformation and a compatible and collaborative ecosystem in place in order to deploy NFV.
LRTV Huawei Video Resource Center
Huawei @ BTE 2014: Director of US NFV Lab on CloudEdge & the Future of NFV

8|26|14   |   4.06   |   (0) comments


Sean Chen, Director of US NFV Lab at Huawei, discusses Huawei's new approach to NFV in open collaboration. Huawei believes that through Proof of Concept tests, it could help operators learn and communicate with the industry more effectively. Sean believes that successful implementation of NFV should have its values reaching to end users and discusses how Huawei's ...
LRTV Huawei Video Resource Center
Huawei's Highlights @ Big Telecom Event 2014

8|26|14   |   3.34   |   (0) comments


At the Big Telecom Event in Chicago Huawei showcases its high-level strategy, the SoftCOM architecture, which helps operators reduce the cost of ownership of their network infrastructure and generate additional revenue in the ICT service environment. Huawei showcases over 30 pilot programs from across the globe, focusing on the industry-leading commercial ...
LRTV Custom TV
VeEX – Live from the Show

8|21|14   |   5:58   |   (0) comments


An overview of VeEX Test and Measurement solutions including TX300S multi-service test set with VeExpress cloud-based management system, UX400 universal modular platform supporting 100G testing, and the redesigned RXT modular platform.
LRTV Custom TV
Transitioning CE 2.0 Networks Into the SDN & NFV Era With Telco Systems

8|19|14   |   5:19   |   (0) comments


Telco Systems' Ariel Efrati (CEO) and Moshe Shimon (VP of Product Management) discuss virtualization and how the company's new Open Metro Edge solution utilizes the SDN and NFV concepts to accelerate and orchestrate service delivery through its innovative product portfolio and software applications.
LRTV Custom TV
NFV Myths: Is NFV Still Several Years Away?

8|11|14   |   1:13   |   (0) comments


Some say that NFV (network functions virtualization) is still several years away from being implemented on mobile operator networks. This isn't the case. Operators can get started on their paths to NFV now, as this short video from Skyfire shows.
LRTV Custom TV
A New Security Paradigm in SDN/NFV

7|28|14   |   02:54   |   (0) comments


Paul Shaneck, Global Director Network Solutions for Symantec, discusses the evolving virtualized network, explaining how Symantec is leading the security discussion as it relates to SDN and NFV, and helping to ensure the network is protected and compliant.
LRTV Documentaries
Sprint's Network Evolution

7|24|14   |   14:59   |   (0) comments


Sprint's Jay Bluhm gives a keynote speech at the Big Telecom Event (BTE) about Sprint's network and services evolution strategy, including Spark.
LRTV Documentaries
BTE Keynote: The Software-Defined Operator

7|24|14   |   18:43   |   (1) comment


Deutsche Telekom's Axel Clauberg explains the concept of the software-defined operator to the Big Telecom Event (BTE) crowd.
Upcoming Live Events!!
September 16, 2014, Santa Clara, CA
September 16, 2014, Santa Clara, CA
September 23, 2014, Denver, CO
October 29, 2014, New York City
November 6, 2014, Santa Clara
November 11, 2014, Atlanta, GA
December 9-10, 2014, Reykjavik, Iceland
June 9-10, 2015, Chicago, IL
Infographics
A survey conducted by Vasona Networks suggests that 72% of mobile users expect good performance all the time, and they'll blame the network operator when it's not up to par.
Today's Cartoon
Hot Topics
Rogers, Shaw Take Aim at Netflix
Mari Silbey, Independent Technology Editor, 8/26/2014
Utilities to Pump $11.2B Into Smart Grid – Study
Jason Meyers, Senior Editor, Utility Communications/IoT, 8/26/2014
Verizon Launches QR Code Security Solution
Carol Wilson, Editor-at-large, 8/26/2014
Nokia's Maps Land on Samsung Devices
Sarah Reedy, Senior Editor, 8/29/2014
Verizon to Launch HD VoLTE in 'Coming Weeks'
Sarah Reedy, Senior Editor, 8/26/2014
Like Us on Facebook
Twitter Feed