Responding to widely publicized criticism that wireless 802.11 broadband
networks give easy entry to hackers, the Wi-Fi Alliance has announced a new
scheme aimed at closing up the security holes.
Based on a new Institute of Electrical and Electronics Engineers standard,
'Wi-Fi Protected Access' will replace the older 'Wired Equivalent Privacy' (WEP)
scheme now standard with Wi-Fi-certified products.
Wi-Fi product vendors will likely provide WPA upgrades in the coming months,
and the first Wi-Fi products to use the new security measures are expected in
the first quarter of 2003.
A major flaw to the older WEP security laid in the fact that consumers had to
activate it and set the password keys themselves. This often didn't happen,
leaving many wireless home and office networks wide open to intrusion from
roving hackers. Armed with a laptop with an 802.11 card, the hackers could enter
the networks and access files or use applications.
WPA, in contrast, uses 'Temporal Key Integrity Protocol' to create a rotating
encryption key, changing with every 10 kilobytes of data transmitted over the
network. That makes it harder for hackers to tap into Wi-Fi networks.
'Enterprises, small businesses and home users need a stronger standards-based
security solution than WEP and they need it now,' Wi-Fi Alliance chairman Dennis
Eaton said. 'Security is, and will continue to be, the highest priority for the
Wi-Fi Alliance and for the industry.'
