Paper finds new wireless standard less secure
A new paper by a leading security expert says that the new Wi-Fi Protected Access (WPA) security standard may be less secure, in certain scenarios, than WEP, the wireless standard it was designed to replace.
In the paper, "Weakness in Passphrase Choice in WPA Interface," Robert Moskowitz, a senior technical director at ICSA Labs, part of TruSecure Corp., describes a number of problems with the new WPA standard, including the ability of attackers to "sniff" critical information from wireless traffic and to discover the value of a wireless network's security key.
WPA is a new security standard based on work by the Institute of Electrical and Electronics Engineers Inc. (IEEE) on the 802.11i wireless security standard. WPA is intended to replace Wired Equivalent Privacy (WEP), the most common standard for securing data on wireless networks.
[ Read more ]
- Review: Real 802.11 Security: Wi-Fi Protected Access and 802.11i (3 November 2003)
- Review: 802.11 Security (3 October 2003)
- Review: Installing, Troubleshooting, and Repairing Wireless Networks (5 September 2003)
- Review: Building Secure Wireless Networks with 802.11 (28 August 2003)
- Review: How Secure is Your Wireless Network? Safeguarding Your Wi-Fi LAN (22 August 2003)
- Article: Lack of Security at Wireless Conferences (6 August 2003)
- Review: WiFi Security (9 July 2003)
- Review: Wireless Security End to End (4 June 2003)
- Review: The Complete Wireless Internet and Mobile Business Programming Training Course (28 May 2003)
- Review: Deploying License-Free Wireless Wide-Area Networks (14 May 2003)
- Article: Positive Identification in a Wireless World (6 May 2003)
- Article: Warchalking and Other Wireless Worries (3 April 2003)
- Article: How to Make Wireless Networks Secure (26 March 2003)
- Article: Interview with Cyrus Peikari, CEO of AirScanner Mobile Security (24 February 2003)
- Review: Maximum Wireless Security (17 February 2003)
- Article: Detecting Wireless LAN MAC Address Spoofing (22 January 2003)
- Article: Avoid Wireless LAN Security Pitfalls (17 January 2003)
- Article: Interview with Jay Chaudhry, CEO of AirDefense (7 January 2003)
- Review: Wireless Security and Privacy: Best Practices and Design Techniques (17 December 2002)