WAPI supporters ready a last stand in China

Plan would force foreign companies to license WAPI wireless security protocol

Chinese companies are not giving up on efforts to promote adoption of a homegrown security protocol for wireless LANs called WAPI (WLAN Authentication and Privacy Infrastructure).

The renewal of support for WAPI comes amid signs that its submission as an international standard is dead in the water.

Plans that would have forced foreign companies to license WAPI were shelved by China's government in 2004 in the face of determined opposition from industry heavyweights, including Intel and the U.S. government. The technology was later submitted for consideration by international standards groups, including the International Organization for Standardization (ISO) and the Institute of Electrical and Electronics Engineers (IEEE).

Resistance to incorporating WAPI into an international WLAN standard appears to have hardened in recent months with continued secrecy surrounding WAPI's encryption algorithm among the issues of greatest concern.

"The use of an undisclosed algorithm makes it impossible to evaluate the effective security of the proposed international WLAN standard," IEEE's 802.11 Working Group said in a document. That document called for WAPI to be removed from consideration as part of an ISO standard.

Other factors contributed to IEEE's call to remove WAPI from consideration. "Attempts over the last two years by non-Chinese companies to procure any version of a WAPI device have failed," the document said.

Opposition to the inclusion of WAPI in the ISO standard has resulted in a renewed effort to promote the technology within China.

On Tuesday, a group of 22 Chinese companies, including Lenovo Group's Chinese operations and the country's major fixed-line and mobile operators, announced the formation of a group, called the WAPI Industry Union, to promote adoption of the security protocol. The group claims WAPI offers better security than technology used in the IEEE's 802.11i standard.

A press conference held to announce its formation was attended by officials from China's Ministry of Information Industry (MII), the Ministry of Science and Technology (MOST), and the National Development and Reform Commission (NDRC), according to official news reports.

Despite the renewed attention WAPI has received in China, the technology is unlikely to re-emerge as a mandatory national standard, said Duncan Clark, managing director of BDA China, a telecommunications consultancy in Beijing. Instead, WAPI will likely find a captive market among Chinese government customers, where concerns may exist about using Western encryption, he said.

"There's a valid case for China to have its own encryption technology for state-security purposes," Clark said.

Even so, feelings are running high over WAPI's treatment in the international standards process. At the launch of the WAPI Industry Union, supporters lashed out at Western opposition to the technology's adoption, singling out Intel, which dominates the market for WLAN chips through its popular Centrino notebook package.

"Intel's WLAN standard is garbage," said Cao Jun, general manager of IWNCOMM, the company that developed the technology behind WAPI, quoted in a Chinese newspaper report. In another report, Cao accused Intel of engaging in backroom maneuvers to prevent a vote on WAPI's inclusion as part of an international WLAN standard.

Cao could not be reached for comment.

Intel spokeswoman Jennifer Liu declined to respond to Cao's comments, but she reiterated the company's support for international technology standards, such as 802.11. "International standards bring fundamental benefits to end users in terms of cost efficiency and convenience," Liu said.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies