WPA2 Secures Support

The Wi-Fi Alliance has taken its latest steps to allay lingering security fears over the use of enterprise 802.11 equipment, announcing the official upgrade to the WPA (WiFi Protected Access) specification and support from a gaggle of vendors.

The industry association has unveiled WPA2, a security system that uses a stronger data encryption technique called AES (Advanced Encryption Standard). In contrast, WPA uses Temporal Key Integrity Protocol (TKIP). Based on the IEEE 802.11i security standard, WPA2 is backwards compatible with its predecessor (see WiFi Alliance Touts WPA2).

“It’s basically a tougher lock to crack,” claims Frank Hanzlik, managing director of the Wi-Fi Alliance. “Some corporate users want WiFi-certified products based on the full 802.11i standard. Some government agencies require a security solution that can meet the FIPS 140-2 requirement, which WPA2’s AES addresses.”

Hanzlik states that products from Atheros Communications Inc. (Nasdaq: ATHR), Broadcom Corp. (Nasdaq: BRCM), and Cisco Systems Inc. (Nasdaq: CSCO) have already achieved “WPA2 certification” status and are due for commercial launch “later this month.” (See Atheros Talks Up WPA2 and Broadcom Supports WPA2.)

Today’s move also appears to sound the deathknell for the original WEP (Wired Equivalent Privacy) security spec.

“The Wi-Fi Alliance does not consider WEP to be a secure solution,” notes a group statement. “For legacy device compatibility, WEP remains part of the baseline interoperability test for all Wi-Fi certified products. Over time, the alliance may drop WEP as a requirement for Wi-Fi certification.”

— Justin Springham, Senior Editor, Europe, Unstrung

Be the first to post a comment regarding this story.
Sign In