Goodbye, WEP & TKIP

facebooktwittergoogle_pluslinkedinmailfacebooktwittergoogle_pluslinkedinmail
Ban of WEP & TKIP

Ban of WEP & TKIP

Wi-Fi Alliance has (finally) decided to take some giant steps in improving the state of wireless security. Starting Jan 2011, TKIP will be disallowed on new APs and from 2012, it will be disallowed on all Wi-Fi devices. Come Jan 2013, WEP will not be allowed on new APs and from 2014, WEP will be disallowed on all Wi-Fi devices. This is the good news. But, let us also get to the “bad” news.

 

Blog-pic

Unfortunately, the bad news is that there can be other wireless security holes in an enterprise. Although TKIP & WEP are disallowed, “Open” configuration continues to be allowed. Enterprises need to worry about AP mis-configurations and legacy deployments. Further, network intrusions and extrusions due to unmanaged devices are still possible. Rogue APs will persist to haunt enterprise IT security teams. Similarly, the plethora of Wi-Fi clients present within an enterprise introduces new paths for enterprise data leakage.

Hence, wireless security audits and enterprise airspace surveillance will continue to be important. Do let me know if you think otherwise.

Gopinath

K N Gopinath (Gopi) has more than a decade of experience that spans across multiple domains – systems, networks and security. His core competencies include technology innovation, product engineering and team building. As the Director of Engineering at AirTight, he drives the delivery of the wireless security products in a fast paced and highly dynamic environment. Gopi has several patents and technical publications to his credit.

Trackbacks

  1. [...] Goodbye, WEP & TKIP WPA2 Hole196 Vulnerability WPA2 finds itself in a “hole”! Vulnerable to insider attacks! Black Hat ® Technical Security Conference: USA 2010 // Black Hat Arsenal WPA2 Exposed with ‘Hole 196′ Vulnerability Wi-Fi WPA & WPA2 Encryption Cracking Guide Wi-Fi Alliance to dump WEP and TKIP … not soon enough Researcher Hints 802.1X WPA2 Flaw [...]

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>