Slashdot Mirror

← Back to Stories (view on slashdot.org)

China Walks Out of Wireless LAN Security Talks

Posted by Zonk on from the that's-one-way-to-get-what-you-want dept.

Ant writes "A CommsDesign article reports that China walked out of a wireless standards meeting this week, accusing the International Organization for Standardization of favoring the IEEE's 802.11i ANSI-certified wireless LAN security scheme over its own controverisal proposal, EE Times has learned. The gambit came after China's Wireless Authentication and Privacy Infrastructure (WAPI) security scheme was withdrawn and placed on a slower track by the ISO." From the article: "China initially agreed last year to refrain from making its WAPI security scheme mandatory for wireless LAN equipment in China. It then approached ISO with a fast-track submission in an effort to make WAPI an international security standard."

3 of 313 comments (clear)

  1. WAPI is old by christoofar · · Score: 5, Informative

    According to this rant WAPI is "on old technology, performs poorly and is insecure"

  2. You can't sell shit to a cow farmer by TechyImmigrant · · Score: 5, Informative

    Repeat after me... WAPI is Crappy.

    WAPI is insecure, doesn't scale, late and undeployable.

    If you read the specs and had any involvement in the 802.11i process, you will understand what an amature piece of work WAPI is. It was compounded with the blatant IP grab that China was trying to make with WAPI (you have to send China your RTL, they *THEY* can integrate it into your chip - yeah right).

    The only way you can effectively write 802.11 specifications for anything as intertwined with the base spec is to go to the 802 meetings and propose your scheme. From 802, down through 802.11 and the 802.11 task groups, the documents are heavily cross dependent and part of the purpose of these massive meetings is to make sure that all the bits fit together and are kept up to date with respect to each other.

    Trying to write an 802.11i replacement in isolation is doomed to failure and fail is exactly what they did.

    Now they are forum shopping. ISO rubber stamps the 802 documents because 802 has a long history of succesful open standards development. Whining 'it's not fair! They won't take our spec but they will take the IEEE specs' is disingenuous bullshit and they know it. There is a basic quality threshold you have to pass first.

    --
    Evil people are out to get you.
  3. Re:What is WAPI anyway? by thomasa · · Score: 5, Informative

    From the paper:

    "The only secret part of the protocol is the symmetric encryption algorithm used between a wireless device and the access point, after both of them have been authenticated." and "The regulation also requires that any company who develops products that use encryption to keep the encryption algorithm a secret from anyone who is not authorized to know the algorithm"

    To have a secret algorithm is a bit untrustworthy!
    Would you trust your secrets to a secret Chinese algorithm? It might be good but clearly the Chinese can break it.