Replying for Amit Sinha:
PCI DSS prohibits the use of WEP in cardholder environments beyond June 30, 2010. The published PCI DSS Wireless Guidelines mentions TKIP vulnerabilities (see page 20) and recommends the use of WPA2 Enterprise mode with AES encryption. Overall PCI direction is to move away from advocating or deprecating specific protocols. I expect the next PCI standard to use vague language like “use industry best practices” as opposed to saying do not use WPA-TKIP (WEP was an exception).

We have published a technical note on recent TKIP vulnerabilities: Understanding the New WPA TKIP Attack: Vulnerabilities & Motorola WLAN Countermeasures. Bottomline, from a security perspective, moving to WPA2-AES is the right direction. The issue is legacy compatibility, particularly in verticals like retail. All new devices and infrastructure support WPA2.

The new Wi-Fi roadmap provides a 3 year transition plan to eliminate WEP and TKIP. Starting Jan 1, 2011 WPA-TKIP is prohibited in APs. TKIP is allowed under WPA2 mixed mode through the end of 2013 for legacy clients. WPA2 mixed mode allows the AP to advertise TKIP and AES as ciphers in its beacons, allowing legacy clients to use TKIP if they don’t support AES.  We should plan to incorporate these changes in our switches and controllers. I don’t expect Wi-Fi to “decertify” old equipment, just that new equipment will have to support these changes to pass Wi-Fi tests.

I think we have the opportunity to leverage this as another reason to force some of our legacy customers (e.g. UPS) to upgrade to newer equipment.

Regards,

Amit

No definite TKIP publication to date.  However the PCI Security Standards Council Wireless SIG Implementation Team has published, DSS Wireless Guidance July 2009 ( https://www.pcisecuritystandards.org/pdfs/PCI_DSS_Wireless_Guidelines.p…;) which recommends AES over TKIP due to a key injection vulnerability that is summarized as follows on page 20 of the document. "Recent attacks against the TKIP encryption algorithm have revealed some flaws in the protocol that can allow an attacker to decrypt small frames encrypted using TKIP such as Address Resolution Protocol (ARP) frames in about 15 minutes. Further, the attack revealed that it is possible to reuse the compromised encryption keystream to inject 7-15 arbitrary packets into the network using QoS mechanisms without triggering the replay protection countermeasures available in TKIP. While the attack does not lead to a compromise of the PSK, it is recommended that organizations use AES encryption, which is immune to the attack." The actual standard v1.2.1 (https://www.pcisecuritystandards.org/security_standards/pci_dss_downloa…;)references simply IEEE 802.11i and Wi-Fi Protected Access (WPA/WPA2) in sections 2.1 and 4.1.1.

Hi Harold, Thank you for such a quick response.  We're trying to force a compelling event and get the customer to move into the new MK lineup rather than do a band aid TKIP reconfigure of their legacy MK1150s and MK1250s. We were looking for a date/timeline to use a lever.  From your answer, and from what I've been able to find through my other sources, it sounds like there isn't anything definite in terms of when TKIP will no longer be accepted. Yes, WPA2 and AES are definitely the way to go but we are unable to tell the customer how long they still have if they went with TKIP on the older MKs. Thanks again! Cheers, Jeff

WiFi alliance is now supporting removal of TKIP from WiFi certification test.  that means as of Jan 1, 2011 infrastructure products are prohibited from supporting TKIP.  prohibition of TKIP on mobile devices is to follow in 2014. we have customers asking what is Motorola's position/direction on this and what it means to their bussiness (see attached WiFi aliance announcement). do we have a company position on WNS and MCD products? are we going to remove TKIP from our WLAN products, next year? thanks, afshin