Microsoft Beefs Up Wi-Fi Security in XP

By Ryan Naraine

March 31, 2003

Microsoft releases a free XP download with support for Wi-Fi Protected Access, an alternative to the WEP protocol.

Highlighting the shortcomings of the Wi-Fi Wired Equivalent Privacy (WEP) security standard, Microsoft on Monday rolled out its own alternative for Windows XP users, new software that promises increased security in the areas of data encryption and user authentication.

Microsoft announced the availability of a free XP download with support for the standards-based Wi-Fi Protected Access (WPA), a network security solution from the Wi-Fi Alliance.

Microsoft's XP update would tweak the way the OS communicates with the Wi-Fi protocol. Instead of having one encrypted key for everyone to connect to the network, Microsoft said its WPA update would provide separate keys for each system connecting to the Wi-Fi network.

The move comes as researchers continue to decry weaknesses in WEP, which is the de-facto security tool for the Wi-Fi/802.11 standard. Various WEP vulnerabilities such as the plaintext attack, bit flipping attack, and statistical analysis attack have been well publicized.

WEP , which is designed to provide the same level of security as that of a wired LAN, is considered weak because it uses RC4 encryption algorithm, a stream cipher, for encrypting packets. WEP's inability to have per user/session keys and the lack of re-keying support to allow changing the encryption key frequently have also been highlighted as major weaknesses, according to security research.

Microsoft's new initiative is being touted as a replacement for WEP because it offers increased methods of data encryption and network authentication. "The result is a new level of protection for customers taking advantage of the wireless features in Windows XP," the software giant said in a statement.

To improve data encryption, it said WPA would resolve existing cryptographic weaknesses and introduce a method to generate and distribute encryption keys automatically. Each bit of data would be encrypted with a unique encryption key. Microsoft said the update would also introduce an integrity check on the data so an attacker cannot modify packets of information being communicated.

To beef up enterprise-level user authentication, Microsoft said WPA authenticates every user on the network while keeping those users from joining rogue networks.



Comment and Contribute
(Maximum characters: 1200). You have
characters left.