The WiFi Alliance — the certification body that blesses 802.11 devices — has announced a plan to replace the broken and crumbling WEP (Wired Equivalent Privacy) "security" system with something called "Wi-Fi Protected Access" (WPA). The press release links to a couple of feel-good PDFs about WPA. It seems like there's some behind-the-scenes politicking going on at the standards body (WPA isn't a standard yet, but WiFi Alliance will roll out a version that's "forward compatible" with a "proposed standard"). Anyone know where the security wonks are duking it out over whether or not WPA works?
In enterprise mode, a network server and sophisticated authentication
mechanisms are utilized and automatically distribute special encryption keys, called
master keys. In a home environment, where there are no network servers, Wi-Fi Protected Access
runs in a special mode, which allows the use of manually entered keys or passwords
instead. This mode, also called Pre-Shared Key (PSK), is designed to be easy to set up
for the home user. All the home user needs to do is enter a password (also called a
master key) into their access point or home wireless gateway and each PC that is on the
Wi-Fi wireless network. After entering the password, Wi-Fi Protected Access
automatically takes over. First, it keeps out eavesdroppers and other unauthorized
users by requiring all devices to have the matching password. Second, the password
kicks off the encryption process, which in Wi-Fi Protected Access is called Temporal Key
Integrity Protocol (TKIP).