WEP is out, WPA is in

Thursday, 14 November 2002, 4:58 PM EST

On October 31, 2002, the Wi-Fi Alliance (a nonprofit body that certifies IEEE 802.11 products) announced WPA, a security offering based on IEEE standards. WPA, which replaces WEP, works with established products and will likely appear in Wi-Fi-certified products in first quarter 2003. Most vendors will likely offer firmware and software updates for products.

The Wi-Fi Alliance has responded to security vulnerabilities in WEP, which is based on the 802.11 specification. WPA enables 802.11i-based Temporal Key Integrity Protocol (TKIP) encryption and 802.1x/Extensible Authentication Protocol (EAP) authentication before approval of the full 802.11i standard. TKIP overcomes the static key problems that made WEP vulnerable to hackers and delivers adequate levels of encryption and authentication for most enterprise requirements. It will support frequent changing of the encryption algorithm keys used in wireless LANs (WLANs). 802.1x/EAP supports mutual authentication of client and host, thus preventing potential "man in the middle" vulnerabilities where intruders masquerade as hosts and try to capture passwords.

[ Read more ]

Comment:

For all your wireless security information needs, visit the Wireless outside articles section of HNS.

Related items




Spotlight

Internet Explorer vulnerabilities increase 100%

Posted on 23 July 2014.  |  Bromium Labs research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //