Light Reading

WPA's Insecure Legacy

Light Reading
LR Mobile News Analysis
Light Reading
4/14/2003
50%
50%

A coming upgrade for the 802.11 specification that is being promoted by the Wi-Fi Alliance cannot be supported by the majority of wireless LAN equipment already in use, prompting concern among analysts and vendors that older infrastructure could still be used as a backdoor into supposedly secure new networks.

WiFi Protected Access (WPA) is being promoted by the WiFi Alliance as a solution to the security issues that have dogged the adoption of 802.11, especially in the enterprise (see 802.11 Security Issues Sorted?). WPA is a security system comprising the elements already fixed and agreed upon by the Institute of Electrical and Electronics Engineers Inc. (IEEE) security task group, including: Temporal Key Integrity Protocol (TKIP) and Counter Mode with CBC-MAC Protocol (CCMP) for over-the-air encryption, and access control standard for user authentication and encryption key distribution. It is supposed to be more secure than the current WEP (wired equivalent privacy) security standard.

Products incorporating WPA are now being tested and should be certified and available in May. However, while the move is a step in the right direction, WPA will be of no benefit to anyone using existing 802.11b (11-Mbit/s over 2.4GHz) networks. The technology can only be incorporated in new 802.11b, 802.11a (54-Mbit/s over 5GHz) and 802.11g (54-Mbit/s over 2.4GHz) products. This is leading to concerns about enterprises mixing newly ratified WPA products with original hardware, as the network can only be as secure as the weakest access point.

“There are issues with WPA backwards compatibility with some products,” confirms Ian Keene, vice president of telecommunications research at Gartner Inc. “If an enterprise or home user went for a single vendor solution then we don’t expect too many problems, but it is a problem for interoperability between different vendors.”

Such issues could cause a major headache for the growing number of enterprises rolling out wireless LAN networks to their employees (see 802.11 WLAN Shipments Double and Europe Set for WLAN Boom). “It is not going to be possible to buy WiFi-Alliance-tested WPA products that are backwards compatible with every previous product, and that could be a big obstacle,” says Keene, adding that he expects to see compatibility problems with the current crop of wireless LAN cards on the market.

The vendors Unstrung spoke to claim to be tackling the compatibility issue. “We are looking into it because there are certainly areas that need to be resolved,” says Proxim Corp.'s (Nasdaq: PROX) solutions marketing manager, Jan Buis. “We are aware of this problem. Security is the hottest issue in wireless LAN at the moment, and as a vendor we must make it our highest priority.”

“We are trying to educate the enterprise user by telling them about these issues,” comments 3Com Corp.’s (Nasdaq: COMS) international segment manager for wireless and security, Angelo Lamme. “A network, after all, can only be as secure as the weakest link.”

While no enterprise is immune to the compatibility problems, both vendors point out that it is the latest adopters of wireless LAN, rather than the earlier, tech-savvy enterprises, that require the greatest amounts of education as to the potential for security holes in the network. “The early adopters of wireless LAN accept some of the insecurities that exist today,” says Buis. “The primary reason why new security features have entered this market is because of the number of customers unwilling to use wireless LAN at present.”

In the short term, at least, vendors in this space face the task of informing users of the pitfalls involved in mixing old and new infrastructure. “This is an ongoing problem,” concludes Gartner’s Keene. “We expect it to be resolved in the next two years, but it isn’t going to happen overnight. It really depends on how well vendors can work with each other to help iron out the problems.”

These latest concerns will do little to combat the growing fear of security problems with enterprise wireless LAN use. In a recent Unstrung poll of readers, 72 percent of respondents perceived security as the major drag on wireless LAN deployment within corporations (see Poll: WLAN Has Limited Life). Recently, RSA Security added fuel to the fire by highlighting the ease with which corporate networks can be hacked (see Hackers Crack London WLANs).

— Justin Springham, Senior Editor, Europe, Unstrung

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
Flash Poll
From The Founder
The New IP is actually bigger even than business. Like another hugely important tech that Light Reading is digging into right now, the New IP has the potential to change the world by fundamentally advancing what it is possible for people to achieve with communications.
LRTV Huawei Video Resource Center
Huawei Shares Its Vision of the Future of Mobile Networks Innovations

2|26|15   |   2:30   |   (0) comments


Mobile broadband is changing our lives. It's reshaping the Internet, industry, and society. It allows us to freely connect with one another anytime, anywhere. At this year's Mobile World Congress, Huawei will share its latest insights and newest ideas and technologies that will shape the future of MBB. They will showcase their end-to-end MBB solutions that will ...
LRTV Huawei Video Resource Center
Accelerate Digitizing, Boost Digital Business

2|26|15   |   6:14   |   (0) comments


A new digital revolution is leading us to a better connected world. Together with millions of digital partners, Huawei will help CSPs to build their digital service ecosystem and aggregate a wide variety of digital services. In this video, we find out how Huawei is going to help CSPs implement digital operations.
LRTV Huawei Video Resource Center
The Secret Recipe to Enabling Hyper-Growth Industries

2|26|15   |   3:38   |   (0) comments


With a number of successful cases on network capability exposure, Huawei is going to share the secret recipe to enabling hyper-growth markets with a step-by-step approach.
LRTV Documentaries
BTE 2015 Is Bigger & Even Better

2|25|15   |   03:13   |   (4) comments


This year's Big Telecom Event (BTE) in Chicago is going to provide more opportunities than ever for networking, getting to grips with key industry challenges and opportunities and, equally as important, having some fun.
LRTV Interviews
Light Reading ICT Leaders Roundtable at MWC 2015

2|12|15   |   1:07   |   (2) comments


On Sunday March 1, 2015, Light Reading will host an ICT Leaders Roundtable in partnership with Huawei. At this half-day event, CIOs, analysts and researchers will discuss key industry trends like virtualization in the cloud with a specific focus on new business models. Located at the luxurious Renaissance Hotel near the Fira Barcelona, space is limited so please ...
LRTV Documentaries
Going Green in 2015

2|12|15   |   02:04   |   (0) comments


Energy efficiency is set to be an incredibly hot topic in the telecom industry this year.
LRTV Custom TV
SDN & NFV: Where Are We Going From Here?

2|11|15   |   11:27   |   (0) comments


Vitesse Semiconductor CTO Martin Nuss gives his perspective on why SDN and NFV should be tightly interconnected and how he sees the industry moving forward.
LRTV Documentaries
Time for Gigabit Europe?

2|9|15   |   01:27   |   (4) comments


Gigabit broadband networks are springing up all around the US and they'll soon become more commonplace in Europe.
LRTV Interviews
Brocade Brings New IP Vision to 2020 Vision Executive Summit

2|3|15   |   4:23   |   (0) comments


In December 2014, Light Reading gathered telecom executives in Reykjavik, Iceland to discuss their vision for high-capacity networks through the end of the decade. The intimate, interactive meeting was set against the backdrop of Iceland's spectacular natural beauty. As one of the event's founding sponsors, Brocade's Kelly Herrell shared his company's strategy at ...
LRTV Interviews
Brocade's Kelly Herrell on the New IP

2|2|15   |   12:36   |   (0) comments


In December 2014, Steve Saunders sat down with Brocade VP of Software Networking Kelly Herrell at Light Reading's 2020 Vision executive summit in Reykjavik, Iceland. They spoke about Brocade's approach to the New IP, the future of the telecom industry, and more.
LRTV Huawei Video Resource Center
Dr. Dong Sun Talks About Carriers' Digital Transformation & Huawei’s Telco OS

1|29|15   |   6:28   |   (0) comments


Dr. Dong Sun, Chief Architect of Digital Transformation Solutions at Huawei, discusses how telecom operators can become digital ecosystem enablers and deliver optimal user experiences that are in real-time, on-demand, all-online, DIY and social (ROADS).
LRTV Huawei Video Resource Center
Huawei's Chief Network Architect Talks about Network Experience & Operators’ Strategies

1|29|15   |   3:39   |   (0) comments


In the digital age, network experience has become the primary productivity especially for telecom operators. In this video, Wenshuan Dang, Huawei’s Chief Network Architect, discusses how carriers can tackle the challenge of infrastructure complexity in order to enhance business agility and improve user experience.
Upcoming Live Events
March 17, 2015, The Cable Center, Denver, CO
April 14, 2015, The Westin Times Square, New York City, NY
May 12, 2015, Grand Hyatt, Denver, CO
May 13-14, 2015, The Westin Peachtree, Atlanta, GA
June 8, 2015, Chicago, IL
June 9-10, 2015, Chicago, IL
June 9, 2015, Chicago, IL
June 10, 2015, Chicago, IL
All Upcoming Live Events
Infographics
Net neutrality, broadband services and the current outlook on data consumption, as presented by the New Jersey Institute of Technology.
Hot Topics
Cyber Security Expert Warns: You're Doing It Wrong
Sarah Thomas, Editorial Operations Director, 2/23/2015
10 Weirdly Useful IoT Devices
Eryn Leavens, Copy Desk Editor, 2/24/2015
Small Cells Enabling Location Services
Sarah Thomas, Editorial Operations Director, 2/25/2015
MWC: Let the Madness Begin
Ray Le Maistre, Editor-in-chief, 2/23/2015
Is FCC Weighing Net Neutrality Changes?
Mari Silbey, Independent Technology Editor, 2/25/2015
Like Us on Facebook
Twitter Feed
Webinar Archive
BETWEEN THE CEOs - Executive Interviews
Check out Light Reading's interview with Jay Samit, the newly appointed CEO of publicly traded SeaChange International Inc. With a resume that includes Sony, EMI, and Universal, Samit brings a reputation as an entrepreneur and a disruptor to his new role at the video solutions company. Hear what he had to say about the opportunities in video, as well as the outlook for cable, telco, OTT and mobile service providers.
G'day! And welcome to an entirely new feature on Light Reading -- our weekly "CEO-to-CEO" interview.