Re: WPA2

[Harshal Chhaya]

> Can anybody let me know what are the security holes so far found in
> WPA2 and how those could be solved?

WPA2 is the part of 802.11i that proposes a long term security
solution. Thus WPA + WPA2 = 802.11i

Note that WPA and WPA2 are marketing terms coined by the WiFi Alliance
to avoid using technical jargon used by the 802.11i standard.

WPA2 uses the CCM (CTR with CBC-MAC) security protocol and the AES
cipher both of which have been extensively studied by cryptographers.
AES is being used in many more applications outside 802.11i and is a
federal standard for block ciphers.

I don't know of any security holes in WPA2. If you do, a *lot* of
people would be interested in finding out more details.

> Is there any upcoming standard after WPA2?

WPA3? <smile>

But seriously, there are no plans for any additional security
standards. There will be other standards that have some
security-related component to them like the fast roaming and handoff
spec being currently worked on but it is not really related to the WPA
family.

Regards,
- Harshal