Wireless access security scheme gets tryout

LAS VEGAS'Paul Wouter of Xelerence Corp. of Canada, is a fan of IPsec. The company maintains and develops Opswan, the Linux IPsec implementation, and he thinks IPsec should be the default tool for wireless connections.

Wouter used the Black Hat Briefings this week to test a prototype IPsec wireless authentication scheme called WaveSEC for Windows clients.

The computer security conference provides wireless network connections for its attendees, but the security-conscious crowd is leery of the notorious shortcomings of the 802.11 family of wireless LANs. Instructions for using the conference's network carry the warning, 'surf at your own risk.'

But this year's conference is using a WaveSEC overlay on the network and the CD of proceedings includes an X.509 digital certificate that lets users help work the bugs out of the tool.

'It's not magic,' Wouter said. 'It is not host-to-host encryption. It just encrypts the wireless.'

The WaveSEC prototype is loaded on a separate server and uses X.509 certificates or an access point 'fingerprint' to authenticate users on the system. Wouter said the next step in WaveSEC development is to incorporate it on a commercial Linksys access point, which uses Linux.

But tests at an earlier Black Hat conference in Europe demonstrated a number of problems that need to be solved before it is ready for commercialization. For instance, the IPsec-off function does not always work on a notebook computer when it is shut down.

'You could lose all connectivity with your laptop' when it is restarted if Windows re-installs the IPsec policies, Wouter said.

Like the instructions say, 'surf at your own risk.'

About the Author

William Jackson is a Maryland-based freelance writer.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected