Wireless access security scheme gets tryout

LAS VEGAS'Paul Wouter of Xelerence Corp. of Canada, is a fan of IPsec. The company maintains and develops Opswan, the Linux IPsec implementation, and he thinks IPsec should be the default tool for wireless connections.

Wouter used the Black Hat Briefings this week to test a prototype IPsec wireless authentication scheme called WaveSEC for Windows clients.

The computer security conference provides wireless network connections for its attendees, but the security-conscious crowd is leery of the notorious shortcomings of the 802.11 family of wireless LANs. Instructions for using the conference's network carry the warning, 'surf at your own risk.'

But this year's conference is using a WaveSEC overlay on the network and the CD of proceedings includes an X.509 digital certificate that lets users help work the bugs out of the tool.

'It's not magic,' Wouter said. 'It is not host-to-host encryption. It just encrypts the wireless.'

The WaveSEC prototype is loaded on a separate server and uses X.509 certificates or an access point 'fingerprint' to authenticate users on the system. Wouter said the next step in WaveSEC development is to incorporate it on a commercial Linksys access point, which uses Linux.

But tests at an earlier Black Hat conference in Europe demonstrated a number of problems that need to be solved before it is ready for commercialization. For instance, the IPsec-off function does not always work on a notebook computer when it is shut down.

'You could lose all connectivity with your laptop' when it is restarted if Windows re-installs the IPsec policies, Wouter said.

Like the instructions say, 'surf at your own risk.'

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected