wirelezz blog

waves're in the air everywhere I look around…

TKIP and WEP: Game Over

with one comment

So the other day I read the following in WiFiNews:

TKIP and WEP won’t be allowed in new devices with the Wi-Fi stamp in a staged elimination over three years starting in 2011.

My first reaction was: “Why did it take so long?”. It is well known that WEP is one insecure standard for IEEE 802.11 Networks. I’m no security expert, but there’s something I’ve learned in the past 7 years from different sources of information: “Don’t implement WEP on your wireless network”.

According to the post, “While TKIP hasn’t been broken, it has known vulnerabilities, such as a susceptibility to dictionary-based attacks for short keys, and some very clever ways to insert packets through manipulating a flaw in the packet integrity protocol.”.

However, it looks like it’s going to take some time to be accomplished:

At the start of 2011, access points will no longer be certified with TKIP as an option by itself, commonly revealed as WPA-PSK, WPA-TKIP, or WPA Personal. Mixed modes, in which an AP can accept either TKIP or AES keys, will still be allowed. But also starting in 2011, manufacturers can opt to ship Wi-Fi hardware preset to use WPA2 out of the box.

In 2012, new Wi-Fi adapters (so-called stations in 802.11 parlance) won’t be allowed to support TKIP.

In 2013, WEP is finally disallowed for APs. While that seems incredibly late, its inclusion is there only for certain categories of legacy devices for which no other option is available.

In 2014, the mixed TKIP/AES mode for access points can no longer be included in certified devices, and WEP cannot be available to new client devices.

As you may also know, 802.11n implements 802.11i security and gives TKIP support for those non-AES devices (however, 802.11n with TKIP won’t support data rates higher than 54Mbps).

While I think this should have been done severals years ago and that security standards should walk together with 802.11 innovations (such as 802.11n), I’m also interested in finding out how to meet the point in which new security schemes will not affect 802.11 handoffs as more handshakes and protocols are added in the process.

Source: WiFiNews


Written by Wirelezz

June 27, 2010 at 3:50 pm

Posted in News

Tagged with , , , , , , ,

One Response

Subscribe to comments with RSS.

  1. […] This post was mentioned on Twitter by Juan Carlos Basurto and Juan Carlos Basurto, Mohammed Anshad. Mohammed Anshad said: “@wirelezz: Say goodbye to TKIP and WEP http://bit.ly/bDzBfM” <- about time […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: