IEEE Approves 802.11i
Dozix007 writes "IEEE has approved a new wireless security protocol dubbed 802.11i, intended to finally provide sufficient security for wireless connections that users don't need to rely on alternate security layers. The new specification works by using AES encryption in the transceiver itself, encrypting data directly at the level just above the actual radio pulses themselves. That makes it transparent for applications sending data through the radio, so legacy programs running on new 802.11i-compliant hardware will automatically get the benefits of the new protocol without the need for modification."
Here you go. Pirate radio, on the cheap!
Well, since encryption only involves standard processing, a firmware upgrade should be all that's required. Don't see any reason why a device would need to be created specifically for 802.11i. This is also interesting (taken from here):
Cisco, one of the largest providers of enterprise APs, said AES is supported in hardware on the IEEE 802.11g versions of AP models 1100, 1200, and the newly announced 1300 outdoor AP/bridge. However, a software upgrade for those devices will be required. Software upgrades will also be available for 802.11a, b and g card-bus and NIC cards.
Although they don't state it explicitly, it's a pretty fair bet that firmware upgrades for Linksys APs will be available at some point.
I hear there's rumors on the Slashdots
AES, like DES and 3DES, is a public algorithm and was subject to extensive peer review prior to adoption by the US government. (It's not a US algorithm; the original name was Rijndael). It was chosen for key length, security and efficiency of the algorithm and memory footprint, among other things.
While this doesn't guarantee the security, it certainly improves the chances of it being as secure as possible. AFAIK, DES/3DES, a 20+ year old algorithm, is still only vulnerable to brute force attacks.
The real fear here -- as in any encryption system -- is the security of the key handling protocol. It's TKIP not AES that'll be the key to the security of 802.11i.
I have a netgear wireless router that does G and B. It can handle both at the same time just fine, and does not drop the G down to B speeds if there is a B client. :)
Maybe some routers do this, honestly I wouldn't be surprised, but I'm just letting you know that mine doesn't.
Joseph?
I am a wireless expert.
802.11i uses AES for privacy, HMAC-SHA1 for integrity, and it defines its own protocol for establishing transient unicast and group session keys. You can use it with a pre-shared master key (derived from a simple passphrase), or you can use it in conjunction with 802.1X and get per-user pairwise master keys derived from the authentication service.
The Wi-Fi Alliance (I'm told) is calling 802.11i by the name WPA2. If you have hardware that supports the AES variant of WPA, then your vendor should be able to supply a firmware upgrade soon that will support WPA2.
jhw
802.11i includes the 802.1x (i.e. EAP) authentication and key management included in WPA. It's a superset of WPA.
Although it is correct that it was not invented by Americans, the term "Rijndael" is not a foreign word. It is simply a contraction of the names of the two inventors: Vincent Rijmen and Joan Daemen.
Yes, it does solve this problem. Since every wireless client (insider as you call it) is using a different key, one client can't decrypt another's traffic.
The key is negotiated at authentication time and is valid only for the given client and session. Without the client's authentication credential (certificate or otherwise), you can't get a hold of the key.
If you want to keep your wireless network secure, tie MAC addresses to IP addresses, and presto!
Presto, you're screwed? What keeps a "baddie" from sniffing your traffic, waiting until you're not on, then changing his MAC address to be the same as yours? Oh, gee... I guess that doesn't buy you very much, either.
Even if it did, that still doesn't keep them from *sniffing* your network. Any data you transmit, they have. Just checked your email? Chances are they have your password. And all of those pictures that your girlfriend sent to you in those pictures. And those are just benign examples.
Putting encryption at this level is useless because secure communication with e.g. a webserver still requires that I encrypt over HTTPS
Until *every* protocol that goes over your network has reliable encryption, then this is still useful.
steve
Oh, you're not stuck, you're just unable to let go of the onion rings.