ZDNet UK / News and Analysis / Infrastructure / Networking

802.11i - designed to integrate

By , ZDNet.co.uk, 10 April, 2003 09:22

Daily Newsletters

Sign up to ZDNet UK's daily newsletter.

Topics

Authentication, Extensible Authentication Protocol, Counter with Cipher Block Chaining Message Authentication Code Protocol, CCMP, TKIP, Security, EAP, EAPOL, 802.11i, Hotspots, 802.1x, Wireless, Safe Secure, temporal key integrity protocol, IEEE, Wi-Fi

802.1x also specifies how keys are passed back to the client to be used in further network traffic -- how these keys are used is not specified, but how they are transferred securely is. It also sets a per-packet authentication key that can't be faked by a third party, maintaining authentication if the client roams to another port and preventing interception and taking over of a session by an intruder. In installations where there's no authentication server -- probably the case in most homes and many small businesses -- 802.1x can be used in pre-shared key mode, where every node has its keys set up explicitly by hand. The rest of the 802.1x features work, with the proviso that if the shared keys are ever compromised the security of the network is lost. When 802.1x was started, wireless networking wasn't nearly as prominent as it is now, so the standard is designed for a variety of wired networks only -- hence the need to incorporate it into 802.11i before it can be used for radio. 802.11i's data security additions include various encryption processes such as TKIP (Temporal Key Integrity Protocol) and CCMP (Counter with Cipher Block Chaining Message Authentication Code Protocol). TKIP's main attraction is a frequent update of the encryption key, TKIP can be added to an existing 802.11 interface by upgrading its software, while a version of the TKIP mechanism called SSN (Safe Secure Networks), has already been adopted by the WiFi industry group prior to the approval of 802.11i. This is a temporary measure due to the need for a fast fix to the broken WEP standard. CCMP is designed for future wireless LANs, as it needs more processing power than most adaptors and access points currently have to spare -- it uses a version of the Advanced Encryption Standard (AES), the current US Government approved method of encrypting data in transit. 802.11i remains under development
With most of the technicalities decided but some areas -- such as fast roaming between access points -- still receiving attention. Such is the pressure for secure wireless LANs that some systems are already available with pre-approval versions of the standard. These are better than non 802.11i systems, but deploying them without a guaranteed upgrade path to the finished standard has interoperability and security risks of its own. By the end of the year, the standard should be finalised and equipment available: then the IEEE will have done its part, and it will be down to system deployers and managers to configure and maintain adequate security. 802.11i is just the kit of parts to do the job -- network security only works when people do it right. For a weekly round-up of the enterprise IT news, sign up for the Enterprise newsletter. Tell us what you think in the Enterprise Mailroom.

Related stories

Mesh standards are thin on the ground

A to Z of wireless standards

ROI, security and management: three necessities of the WLAN

Keep pace with WLAN security developments

BT passes fibre milestone as profits rise

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your ZDNet UK account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ

Get ZDNet UK's daily newsletter

Enter your email address to sign up

ZDNet UK Live

apexwm

NanWag : A Windows Server 2008 is being used because the environment that the Macs are in is a heavy Windows environment. I am proposing that...

42 minutes ago by apexwm on Windows Server 2008 drops the ball for Mac compatibility
BellamysIT

Really good article. You bring to light a few really good things. However, isn't it true that over 70% of fortune 500 companies use sharepoint?...

43 minutes ago by BellamysIT on Designing a SharePoint farm: Tiers before bedtime
annonymous2

If Piratebay is a crime then so is borrowing a dvd you purchased to a family member or a friend. Why should we not be aloud to share. Most of the...

3 hours ago by annonymous2 on UK ISPs ordered to block Pirate Bay website
NanWag

File Services For Macintosh was causing Excel to prompt for Overwriting changes or Save Another Copy because it was changing the timestamp on the...

3 hours ago by NanWag on Windows Server 2008 drops the ball for Mac compatibility
Regis Machado

creative cloud $48/month in the USA, £48/month in the UK ($79). good for the competitors

5 hours ago by Regis Machado via Facebook on Adobe move promotes piracy
Tom Espiner

Hello KosGirl, Good question. I've asked Belfius for a response. The latest post I can find on Pastebin about it is here:...

5 hours ago by Tom Espiner on Hackers hold bank to ransom over stolen data
KosGirl

Have there been any further updates to this story? I can't find any information on whether the hackers released the data or not.

6 hours ago by KosGirl on Hackers hold bank to ransom over stolen data
SandJ

I have done 7 speed tests this morning on different speed test tools. They tell me my download speed is: 12.3, 12.3, 12.3, 11.1, 12.7, 12.7, 11.7...

7 hours ago by SandJ on Watchdog: TalkTalk's broadband speed test misled users
Jack Schofield

@Mary Microsoft could always send Mozilla a spec sheet and oblige them to meet the same standards as IE. Then Mozilla can spend millions of...

10 hours ago by Jack Schofield on Windows RT browsers and the point of Windows RT
goth1csnake3

Not before time, that people making films,dvd's get whats coming to them. Well done, Virgin Media.

12 hours ago by goth1csnake3 on Virgin Media: Spotify deal will bring down piracy
Simon Bisson and Mary Branscombe

Apex - the question then is what about letting the user choose to have a tablet where they don't have to have that responsibility? why can't the...

22 hours ago by Simon Bisson and Mary Branscombe on Windows RT browsers and the point of Windows RT
Simon Bisson and Mary Branscombe

Moley, Apex, thanks; I think there's an interesting other dimension of choice - the choice to have a platform that is 'locked down' in the sense...

22 hours ago by Simon Bisson and Mary Branscombe on Mozilla accuses Microsoft of shutting Firefox out of WOA
Yellowcave

Not surprised. I once used the methods to let my firewall just notify me of breaches. Not one single logged event was genuine. Once, we all...

1 day ago by Yellowcave on Mobile porn filters catch innocent content, says report
duplex

live realy sucks in facebook becuase people hack your profile

1 day ago by duplex on Irish watchdog: Facebook privacy still falls short
Ed Macnair

If only it was that simple. When you start accessing Cloud applications you are stuck with the security model the vendor provides...........unless...

1 day ago by Ed Macnair via Facebook on IT security? You're doing it wrong!
Phil at Cloud4

Another good updaet, I have enjoyed going on the journey reading this series on SharePoint 2010 and have learned alot. Great writing.

1 day ago by Phil at Cloud4 on Designing a SharePoint farm: Tiers before bedtime
muteen

roumers of an ipad Mini, isnt that just an iTouch!?

1 day ago by muteen on Apple rebrands iPad 4G as 'Wi-Fi + Cellular' for UK
apexwm

Thanks for this article and bringing this issue to light. Unfortunately this type of activity is common not only with Adobe, but many other...

1 day ago by apexwm on Adobe move promotes piracy
Andy Bolstridge

there's a very thin line between tax avoidance and tax efficiency - earning £850 a month and claiming dividends to bring my income up to normal...

1 day ago by Andy Bolstridge via Facebook on The Idle Self-employed
Andy Bolstridge

I see that they are happy to announce these numbers.. but no-one will take any notice until they start announcing sales numbers too.

1 day ago by Andy Bolstridge via Facebook on Microsoft's score card for Smoked by Windows Phone

Latest in Networking

BT passes fibre milestone as profits rise

HP taps F5 for help with application-specific networks

27 cities to compete for 'ultra-fast' broadband funding

Featured white papers

Six iPad tests for multimedia-grade Wi-Fi

Aruba Networks

Six iPad tests for multimedia-grade Wi-Fi

The University of Ottawa, Apple, Aruba Networks and others validate a multimedia grade Wi-Fi environment for scaling voice and video... Read more

Enterprise wireless networks add speed with 802.11n

Aruba Networks

Enterprise wireless networks add speed with 802.11n

This Aruba white paper explains the advanced technology introduced in the 'final' 802.11n certification, allowing enterprise network managers to understand its benefits and to plan their own upgrade... Read more

How to prime your WLAN for employee devices

Aruba Networks

How to prime your WLAN for employee devices

Companies are finding the wireless LAN is under pressure as employees are bringing their own devices to... Read more

Inside ZDNet UK

HTC One V

HTC One V

Darth Vader brought his own device...

Darth Vader brought his own device...

Dell PowerEdge T320

Dell PowerEdge T320

Gartner - Next Generation Intrusion Prevention

Gartner - Next Generation Intrusion Prevention

Top travel apps for the iPhone

Top travel apps for the iPhone

SharePoint 2010: A migration odyssey

SharePoint 2010: A migration odyssey

Ubuntu 12.04 LTS: The morning after

Ubuntu 12.04 LTS: The morning after