* Preauthentication joins AES to bolster WLAN security The IEEE late last month formally approved the long-awaited 802.11i extension to the 802.11 wireless LAN standard for more robust security. The Wi-Fi Alliance is expected to begin vendor product certification testing in September.Most portions of 802.11i, informally known as Wi-Fi Protected Access (WPA), are already at work in products. WPA, for example, requires products to rotate encryption keys on a per-packet basis and use the industry-standard 802.1x framework for authentication.The new pieces of 802.11i now officially on the books are:* The Advanced Encryption Standard (AES) modes of operation for WLAN use. AES replaces RC4-based encryption and requires hardware upgrades to WLAN systems. * Peer-to-peer communications security.* Preauthentication of users for fast, secure roaming. The third item, preauthentication, benefits security and performance. A scheme called Pairwise Master Key (PMK) Caching sets up a shared key between a client device and its authenticator.When a client roams between access points, that client’s credentials no longer must be completely reauthenticated – a task that can take more than 100 milliseconds, says Dan Harkins, a member of the 802.11i committee who claims credit for developing the PMK Caching scheme and also works as a security architect at WLAN vendor Trapeze Networks.In the case of a voice session, for example, a connection would likely be dropped if handoff were to take this long, he says.Historically, WLANs could support fast or secure roaming, but not both. Over time, many vendors have come up with proprietary ways of achieving both capabilities. Now there’s a standard for doing so.The preauthentication scheme comes into play when users roam and in cases when signal strength fades and a client simply needs to find another access point with which to associate, Harkins says.The International Telecommunications Union recommends just a 50-millisecond budget for discovery plus reauthentication. Harkins says PMK Caching can get this time down to 25 milliseconds. Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions Industry news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Network Security Network Security Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe