WAPI
|
WAPI (Wired Authentication and Privacy Infrastructure) is a Chinese National Standard for Wireless LAN. Although it is supposed to work on top of WiFi, compatibily with the security protocol used by the 802.11 wireless networking standard developed by the Institute of Electrical and Electronics Engineers Inc. (IEEE) is in dispute.
WAPI works by having a central Authentication Service Unit (ASU) which is known to both the wireless user and the access point and which acts as a central authority verifying both.
The WAPI standard requires the use of a secret symmetric encryption algorithmTemplate:Ref which is a requirement which cryptography experts such as Schneier have previously stated is unsafe since it means that the algorithm cannot be peer reviewed.
References
- Template:Note Wireless Authentication and Privacy Infrastructure Protocol (WAPI) Specification (http://www.suntzureport.com/wapi/wapi.pdf), Dapeng Zhu, Sun Tzu International LLC, retrieved 2005/02/26 from http://www.suntzureport.com/wapi/wapi.pdf N.B. this an explanation of the spec, not the spec its self.