How did we get here?
By Kevin Fogarty, Network World, 03/14/2005
Wired Equivalent Privacy, the original wireless security protocol, used 40-digit and 128-digit keys encrypted using an algorithm called RC4. With
WEP, each client machine was assigned one key per session. WEP was cracked in the summer of 2001 and has since been a weak
link in the wireless security chain.
Combining WEP with the 802.1X authentication protocol improved things by forcing a WEP client to ask for access to the network,
using the Extensible Authentication Protocol (EAP) built into 802.1X.
Wireless vendors developed Wi-Fi Protected Access (WPA) to increase the encryption by using another technique called Temporal Key Integration Protocol (TKIP), which changes the
key used by each client several times during each session.
A major part of WPA's security was to come from the replacement of RC4 with a stronger algorithm called the Advanced Encryption
Standard (AES), which was developed for the U.S. military by the National Institute of Standards.
Developing the protocol using AES and getting all the vendors to sign off on the specifics took time the vendors didn't have,
however. To meet rising demand, most released products that used TKIP instead of AES, and it was still called WPA.
The fully baked version of 802.11i, which many vendors and integrators still refer to as WPA2, replaces TKIP with AES, and
wasn't approved by the IEEE until June 2004.
Products have been undergoing compatibility testing at the labs of the Wi-Fi Alliance, a consortium of vendors that develops
and certifies wireless specifications, and they started to hit the market early this year.