Difference between revisions of "The Improvements in Security of WiFi Transmissions"
(Written by Michael Davies) |
|||
| Line 13: | Line 13: | ||
==Paradigms:== | ==Paradigms:== | ||
Emerging paradigms associated with the emergence of WPA security: | Emerging paradigms associated with the emergence of WPA security: | ||
*Increases in Wardriving are fueling fears that security vulnerabilties will be exploited and there will be increased opportunity for attacks | |||
*Laptops are increasingly being delivered with WiFi as standard, and open to attack without users even realising | |||
*Poor knowledge of security techniques and consumer desire to 'roam' between sites (without knowing security settings) is increasing scope for attacks | |||
==Experts:== | ==Experts:== | ||
| Line 24: | Line 26: | ||
*In 2003, the 802.11 consortium expedited the release of 802.11i security - i.e. WPA | *In 2003, the 802.11 consortium expedited the release of 802.11i security - i.e. WPA | ||
*In 2004 802.11i was ratified and with it WPA2 was established | *In 2004 802.11i was ratified and with it WPA2 was established | ||
==Web Resources:== | ==Web Resources:== | ||
Revision as of 08:22, 17 March 2005
Description:
Whilst improvements in the security of WiFi transmissions is a relatively new phenonmenon, it is set to continue in coming years, and is high on the agenda for corporations considering choosing WiFi technology over wired solutions. It is becoming ever-more crucial as WiFi becomes more popular and as larger amounts of data are being transferred across WiFi networks. The original IEEE 802.11 standard included provisions for security known as WEP (Wired Equivalent Privacy) but numerous studies have shown this standard to be vulnerable; new standards have therefore been developed. WPA (WiFi Protected Access) was offered in 2003 to tackle this concern, eliminating the need for corporate and content-sensitive networks to employ VPNs or other mechanisms. A particularly successful element of WPA has been the backward compatibility with all 802.11 standards, allowing current users of WiFi technology to benefit, and opening up resources that companies may already have had but were afraid to use. WPA has also become an essential element for device qualification to 'WiFi-Certification'. WPA2 has been released in 2004 though the benefits have been limited, mainly to a new encryption mechanism, as WPA was essentially an advance version of WPA2 intended to address immediate fears. Questions are still being asked, however, of vulnerabilities brought about by poor manufacturer implementation of such standards.
Enablers:
- Increasing demand by corporate consumers
- Increasing attention of research on the 802.11 standard
- Increased support by major industry leaders - e.g. Intel, Apple
Inhibitors:
- Backward compatibility had to be retained
- Hardware manufacturers' products had to be compatible
Paradigms:
Emerging paradigms associated with the emergence of WPA security:
- Increases in Wardriving are fueling fears that security vulnerabilties will be exploited and there will be increased opportunity for attacks
- Laptops are increasingly being delivered with WiFi as standard, and open to attack without users even realising
- Poor knowledge of security techniques and consumer desire to 'roam' between sites (without knowing security settings) is increasing scope for attacks
Experts:
- IEEE - http://www.ieee.org
- Intel - http://www.intel.org
Timing:
- Original IEEE 802.11 standard established in 1997 - Used WEP security
- By 2001 research had shown major flaws with the WEP standard available
- In 2003, the 802.11 consortium expedited the release of 802.11i security - i.e. WPA
- In 2004 802.11i was ratified and with it WPA2 was established