Wireless access security scheme gets tryout

LAS VEGAS'Paul Wouter of Xelerence Corp. of Canada, is a fan of IPsec. The company maintains and develops Opswan, the Linux IPsec implementation, and he thinks IPsec should be the default tool for wireless connections.

Wouter used the Black Hat Briefings this week to test a prototype IPsec wireless authentication scheme called WaveSEC for Windows clients.

The computer security conference provides wireless network connections for its attendees, but the security-conscious crowd is leery of the notorious shortcomings of the 802.11 family of wireless LANs. Instructions for using the conference's network carry the warning, 'surf at your own risk.'

But this year's conference is using a WaveSEC overlay on the network and the CD of proceedings includes an X.509 digital certificate that lets users help work the bugs out of the tool.

'It's not magic,' Wouter said. 'It is not host-to-host encryption. It just encrypts the wireless.'

The WaveSEC prototype is loaded on a separate server and uses X.509 certificates or an access point 'fingerprint' to authenticate users on the system. Wouter said the next step in WaveSEC development is to incorporate it on a commercial Linksys access point, which uses Linux.

But tests at an earlier Black Hat conference in Europe demonstrated a number of problems that need to be solved before it is ready for commercialization. For instance, the IPsec-off function does not always work on a notebook computer when it is shut down.

'You could lose all connectivity with your laptop' when it is restarted if Windows re-installs the IPsec policies, Wouter said.

Like the instructions say, 'surf at your own risk.'

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected