Home » ISPreview UK News Archives »
Future Wi-Fi Security (WPA) Hits A Snag
By: MarkJ - 07 November, 2003 (8:44 AM)

The next-generation of broadband wireless LAN (Wi-Fi) security protocol, known as Wi-Fi Protected Access (WPA), has been found potentially susceptible to attack:

The issue involves the use of Use of Pre-Shared Key (PSK) as an alternative to 802.1X based key establishment, the approach preferred by corporate environments.

Pre-Shared Keying (PSK) is provided in the WPA and 802.11i standards to simplify deployments in small, low risk, networks. A PSK is a 256 bit number or a pass phrase eight to 63 bytes long.

Cryptographic weaknesses in PSK - particular when used in conjunction with simple pass phrases - mean attackers may be able to crack into systems through passive monitoring of wireless networks followed up by offline dictionary attacks. So the consumer-implementation of WPA is subject to the same kinds of shortcomings that afflicted the weak and broken WEP system, the industry's first (now rejected) stab at a security protocol for wireless networks.

This will not go down well with Wi-Fi's many hotspot and local business site adopters. More @ The Register .

History - [News Archives]


Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved (Terms, Privacy Policy, Links (.), Website Rules).