WLAN Authentication and Privacy Infrastructure

WLAN Authentication and Privacy Infrastructure

WAPI (WLAN Authentication and Privacy Infrastructure) is a Chinese National Standard for Wireless LAN (GB 15629.11-2003).Although it was allegedly designed to operate on top of WiFi, compatibility with the security protocol used by the 802.11 wireless networking standard developed by the Institute of Electrical and Electronics Engineers Inc. (IEEE) is in dispute.

WAPI works by having a central Authentication Service Unit (ASU) which is known to both the wireless user and the access point and which acts as a central authority verifying both. The WAPI standard requires the use of a symmetric encryption algorithm" [http://www.suntzureport.com/wapi/wapi.pdf Wireless Authentication and Privacy Infrastructure Protocol (WAPI) Specification] ", Dapeng Zhu, Sun Tzu International LLC, retrieved 2005/02/26 from http://www.suntzureport.com/wapi/wapi.pdf N.B. this an explanation of the spec, not the spec itself.] , SMS4, which was eventually declassified in January 2006.

In late 2003, the Chinese government announced a policy requiring that wireless devices sold in China include WAPI support and foreign companies wanting access to the Chinese market would have to partner with one of 11 Chinese firms to which the standard was disclosed. This issue became a point of trade discussions between the then United States Secretary of State Colin Powell and his Chinese Government equivalent. China agreed to indefinitely postpone implementation of the policy.

The Chinese Standards Association (SAC) subsequently submitted WAPI to the ISO standards organization for recognition as an international standard, at about the same time as the IEEE 802.11i standard. After much debate related to both process issues and technical issues, the IEC/ISO Secretaries General decided to send the proposals to parallel fast track ballots. In March 2006, the 802.11i proposal was approved and the WAPI proposal was rejected. This result was confirmed at a Ballot Resolution meeting held in June 2006, during which the SAC delegation walked out.

The result was subject to two appeals by SAC to the ISO/IEC Secretaries General that alleged "unethical" and "amoral" behaviour during the balloting process and irregularities during the ballot resolution process. The official Chinese news agency Xinhua said on May 29, 2006, that appeals were filed in April and May 2006 and, the agency said, alleged that the IEEE was involved in "organizing a conspiracy against the China-developed WAPI, insulting China and other national bodies, and intimidation and threats." Xinhua did not make these allegations specific, as is an often standard practice for "news" produced through government collusion, (see [http://en.wikipedia.org/wiki/Media_bias_in_the_United_States] ). In July 2006, 802.11i was published as an ISO/IEC standard. WAPI is no longer being considered by ISO/IEC and all appeals have been dismissed.

After the preliminary results were announced in March 2006, various press reports from China suggested that WAPI may still be mandated in China. TBT (Technical Barrier to Trade) declarations to the WTO in January 2006 and a statement in June 2006 to ISO/IEC JTC1/SC6, in which SAC said they would not respect the status of 802.11i as an international standard, seemed to support this possibility. However, as of early 2007, the only official Chinese policy related to WAPI is a "government preference" for WAPI in government and government funded systems. It is unclear how strongly this preference has been enforced, and it seems to have had little effect on the non government market, which is overwhelmingly based on WiFi certified equipment using WPA2.

In early 2006, the Wired Authentication and Privacy Infrastructure (WAPI) Industrial Union was established to promote WAPI certification. It consists of 22 members, including Lenovo, Huawei and Beijing Founder Electronics, as well as China's four major telecom operators. This group has continued to promote WAPI within China during 2006 and 2007.

References


* " [http://news.zdnet.com/2100-9584_22-5197087.html China reaches trade accord, postpones WAPI requirements indefinitely] "

External links

* [http://www.suntzureport.com/wapi/ SunTzu International LLC on WAPI]
* [http://www.chinatechnews.com/index.php?action=show&type=news&id=2639 The Chinese WAPI Delegation has returned from Geneva, where at the headquarters of the International Organization for Standardization it took part in a meeting with a group promoting IEEE 802.11i]
* [http://www.eet.com/news/semi/showArticle.jhtml?articleID=181502994&pgno=1 The International Organization for Standardization (ISO) rejected China's domestic wireless LAN technology to become an international standard]
* [https://committees.standards.org.au/COMMITTEES/I-000/X0001/JTC001-N-7904.pdf ISO/IEC JTC 1 N7904]
* [http://english.people.com.cn/200605/29/eng20060529_269419.html Xinhua May 29, 2006, report on appeals to ISO]


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • WLAN Authentication and Privacy Infrastructure — WAPI (WLAN Authentication and Privacy Infrastructure) ist eine Chinesische Sicherheitstechnologie für drahtlose Netzwerke. WAPI ist eine Alternative zum Sicherheitsprotokoll, welches im 802.11 Standard definiert ist. Inhaltsverzeichnis 1 Technik… …   Deutsch Wikipedia

  • WLAN Authentication and Privacy Infrastructure — ATTENTION: Le titre Wireless ... est faux, corriger comme WLAN ... s.v.p.. WAPI (de l anglais WLAN Authentication Privacy Infrastructure) est un standard national de la Chine pour LAN sans fil (GIGAOCTET 15629.11 2003) conçu pour proportionner… …   Wikipédia en Français

  • Wireless security — An example wireless router, that can implement wireless security features Wireless security is the prevention of unauthorized access or damage to computers using wireless networks. Many laptop computers have wireless cards pre installed. The… …   Wikipedia

  • Wired Equivalent Privacy — (WEP) is a deprecated algorithm to secure IEEE 802.11 wireless networks. Wireless networks broadcast messages using radio and are thus more susceptible to eavesdropping than wired networks. When introduced in 1999, WEP was intended to provide… …   Wikipedia

  • IEEE 802.11i-2004 — IEEE 802.11i 2004, or 802.11i, is an amendment to the IEEE 802.11 standard specifying security mechanisms for wireless networks. The amendment has been incorporated into the published IEEE 802.11 2007 standard.802.11 is a set of IEEE standards… …   Wikipedia

  • Extensible Authentication Protocol — Extensible Authentication Protocol, or EAP, is a universal authentication framework frequently used in wireless networks and Point to Point connections. It is defined in RFC 3748, which has been updated by RFC 5247. Although the EAP protocol is… …   Wikipedia

  • WPA-PSK — Wi Fi Protected Access Wi Fi Protected Access (WPA et WPA2) est un mécanisme pour sécuriser les réseaux sans fil de type Wi Fi. Il a été créé en réponse aux nombreuses et sévères faiblesses que des chercheurs ont trouvées dans le mécanisme… …   Wikipédia en Français

  • WPA2 — Wi Fi Protected Access Wi Fi Protected Access (WPA et WPA2) est un mécanisme pour sécuriser les réseaux sans fil de type Wi Fi. Il a été créé en réponse aux nombreuses et sévères faiblesses que des chercheurs ont trouvées dans le mécanisme… …   Wikipédia en Français

  • Wi-Fi protected access — (WPA et WPA2) est un mécanisme pour sécuriser les réseaux sans fil de type Wi Fi. Il a été créé en réponse aux nombreuses et sévères faiblesses que des chercheurs ont trouvées dans le mécanisme précédent, le WEP. WPA respecte la majorité de la… …   Wikipédia en Français

  • Wi-fi protected access — (WPA et WPA2) est un mécanisme pour sécuriser les réseaux sans fil de type Wi Fi. Il a été créé en réponse aux nombreuses et sévères faiblesses que des chercheurs ont trouvées dans le mécanisme précédent, le WEP. WPA respecte la majorité de la… …   Wikipédia en Français

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”