Wi-Fi gets much-needed security boost

A Wi-Fi security standard awaiting final approval is intended to restore confidence in a market damaged by previous weak specifications.

The Institute of Electrical and Electronic Engineers standards board will decide today whether the current version of the 802.11i specification is reliable enough to become an industry standard. The current draft has already been through a review committee, said Brian Matthews, publicity chairman of the IEEE 802.11 working group and vice president of AbsoluteValue Systems.

Wi-Fi products establish wireless local area networks that allow devices to connect to one another, transmitting and receiving data within a range of 150 feet. The final 802.11i specification ensures that the data sent along those networks is encrypted and can't be broken by anyone who may intercept it.

The 802.11i specification is expected to become a standard, giving the wireless networking industry a boost in the eyes of businesses. Previous security measures, such as Wired Equivalent Privacy (WEP), were easily broken by hackers, leaving many security-conscious IT managers wary of wireless networking gear.

The wireless networking industry has been looking for ways to ease those concerns and patch up the reputation of its equipment. An interim security specification, Wi-Fi Protected Access (WPA) was developed and made available in early 2003, and companies began work on an industry standard, 802.11i.

While business sales lagged in 2002, the wireless networking market was buoyed by consumers, who took advantage of cut-rate prices. A year later, companies slowly began buying wireless networking gear again.

Many of the new features in 802.11i are already being used in Wi-Fi equipment, which has helped business sales. The most significant feature is Advanced Encryption Standard (AES), a strong encryption standard supporting 128-bit, 192-bit and 256-bit keys, said Robin Ritch, Intel's director of security industry marketing.

"Companies will be turning to network management and ease of use in order to differentiate their products," Ritch said. "Security finally feels mature."

Ritch added that Intel's Centrino bundle of chips will incorporate the 802.11i standard and that all Centrino products in the market will also be upgradeable to the standard by the end of the year. The chipmaker will make an announcement of how and when upgrades will be available, following the official completion of the standard.

Richard Shim writes for CNET News.com