WifiProtectedAccess is a WirelessSecurity standard designed for the highly successful WiFi community. * sometimes it is misnamed as "Wifi access". Useful to know if you do google searches. The WiFi''''''Alliance (WFA) consortium has been instrumental in completion of the '''WiFi Protection Access''' (WPA) v2 standard in Sep04 (press release at http://www.prnewswire.co.uk/cgi/news/release?id=129150). WPA uses a subset of the IEEE workgroup 802.11i standard, and has adopted mutual authentication mechanisms in IEEE802.1X (implemented via EAP (Extensible Authentication Protocol). It applies Temporal Key Integrity Protocol (TKIP) on existing RC4 WEP (WiredE''''''quivalentPrivacy) to impose a stronger data encryption. WPA V2 adopts "Advanced Encryption Standard" (AES) which is computationally intensive, thus requiring some less capable WPA devices to have hardware changes (otherwise it is software upgradable). AES use meets government NIST FIPS 140-2 certification requirements. It was reported that a WPA cracking tool exists for short passphrases. A attacker can monitor a short transaction or force that transaction to occur and then perform the crack far away from the physical site. See http://wifinetnews.com/archives/004428.html WFA has a page on security at http://www.wi-fi.org/OpenSection/secure.asp?TID=2 I just encountered my first wireless laptop and router, I was impressed with the performance, though a bit confused as to use the Linksys connection software or the Windows XP wireless connection. I even considered used the MAC address for validation. Any thoughts or opinions on this matter would be appreciated. The upmarket version of WPA (contrast WPA Personal below) requires the use of enterprise authentication server(s). * ?Awaiting standardization in federation and IdentityManagement schemes? Is use of RadiusServer required? ---- '''News And Developments''' Aug05 reports that WindowsVista will have WPA Personal, which is a "preshared key" (PSK) implementation. MS has collaborated with hardware vendors such as Intel. See http://www.theinquirer.net/?article=25777 ---- CategorySecurity CategoryWireless