Wi-Fi Security Gets a Boost
The IEEE 802.11i standard will plug all known security holes in IEEE 802.11 wireless LANs, also known as Wi-Fi, but probably won't see final approval or shipping products until about a year from now, according to an Intel network architect involved in the drafting of the standard who spoke at Intel's Spring Developer Forum last week.
However, technical advances already available can make wireless LANs far more secure than they originally were. Also, to give themselves some protection, many companies could start by simply using what came with 802.11 to start with, said a Cisco Systems engineer who spoke at the same session.
WEP, or Wired Equivalent Privacy, the security mechanism initially built into all standard 802.11 products, encrypts data on the wireless network but is flawed because it reuses the same encryption key, said Jesse Walker, a network architect at Intel and the editor of the 802.11i standard now in development under the Institute of Electrical and Electronics Engineers. A would-be hacker can figure out that key from a small amount of traffic, he said. WEP also doesn't stop interlopers from altering data as it crosses the network, he added.
[ Read more ]
For all your wireless security information needs, visit the Wireless outside articles section of HNS.
- Review: Maximum Wireless Security (17 February 2003)
- Review: Wireless Security and Privacy: Best Practices and Design Techniques (17 December 2002)