Forum

  • Is there a publicly available copy of the WAPI standard available so we may understand it better or comparisons on SMS4 vulnaribilities etc as IF in the future it becomes a standard we would need to have a clue about it, Currently tere is zero to very limited information in the public domain to make comparisons either for or against WAPI

  • One of the problems with WAPI, is that it has changed so much from its original incantation. Because it has changed so much, please forgive me if I miss a recent change or two.

    Originally, there were four main technical roadblocks to its acceptance:

    1) The most obvious problem was its use of a "secret" block cipher. This is known as security-by-obscurity, and no government, corporation, or sane person would accept this situation. The only logical conclusion was that it offered no real security.

    This seems to have changed somewhat as it's now known that it uses SMS4, which is a block cipher. ... and there have recently been some interesting advances made in cracking this code.

    2) WAI, WAPI's authentication method, is not compatible with Radius, which 802.11i is. That is a very large base of hardware and infrastructure to just throw out on an unproven technique.

    3) Thirdly, WAPI is NOT a subset of 802.11i. It is a separate standard. The ISO and IEEE were very interested in blending, or "harmonizing" it with 802.11i. The Chinese refused, insisting that it be accepted in-total and "as-is". The ISO even offered to conduct meetings in China, but the Chinese government would not grant visas for the meetings. In Germany (2005), the Chinese delegation walked out in mass from a large meeting arranged to work out the ISO issues. Which reminds me of cold war habits of the USSR when they heard something they didn't like.

    4) It has its own certificate format which is not x.509 compatible.

    In refusing to entertain the idea of harmonizing the standards, China was flouting both WTO and ISO/IEC rules, which "undermines the relevance" of these two groups. This is/was was the largest bureaucratic roadblock to its acceptance. The original Chinese proposal was also "accidently" marked and categorized as being proposed by another ISO group. When this fact was "discovered", it was used by some to throw up more bureaucratic roadblocks. The ISO and IEEE never claimed this was intentional on the part of the Chinese, but I'm sure hundreds of ISO/IEC and IEEE members thought it was.

    One feature ruled out by WAPI was WEP. Overall I think that's a good thing, but at the time the industry said that 200M customers, already using WEP, could not be ignored. This is ironic given that 802.11n is incompatible with WEP at ANY rate faster than 54Mbps.

    I could go on, but that's all for now.

    The Chinese themselves, are the reason WAPI was not accepted.

    Of course, large corporations like Broadcom and Motorola (and maybe Apple) appear willing to ignore these problems in the interests of profit.

    We'll just have to see what happens, but I don't think it bodes well for non-Chinese companies vying for market share in China.

  • i respect chinese very much but really ido not know why china do not share it is technology with the world

Page 2 of 2