1. What does wapi mean
1. WAPI (Wireless LAN Authentication and Privacy Infrastructure) is a security protocol, and it is also a mandatory standard for wireless LAN security in China.
2. WAPI, like infrared, Bluetooth, GPRS, CDMA1X and other protocols, is a kind of wireless transmission protocol, but different from them is that it is a transmission protocol in wireless local area network (WLAN), and it is the same technology as the 82.11 transmission protocol.
3. At present, there are only two standards in the global wireless LAN field, namely IEEE 82.11 series standards (commonly known as Wi-Fi, including 82.11a/b/g/n/ac, etc.) proposed by American industry standards organization and WAPI standard proposed by China. WAPI is China's first secure access technology standard with independent innovation and intellectual property rights in the field of computer broadband wireless network communication.
4. This scheme has been officially approved and issued by the IEEE Registration Authority, an organization authorized by ISO/IEC of the International Organization for Standardization (ISO/IEC), and assigned the Ethernet type field for WAPI protocol, which is the only approved protocol in China.
5. Unlike the one-way encryption authentication of WIFI, WAPI authenticates in both directions, thus ensuring the security of transmission. WAPI security system adopts public key cryptography technology, authentication server AS is responsible for issuing, verifying and revoking certificates, and both wireless client and wireless access point AP are equipped with public key certificates issued by AS as their own digital identity certificates.
2. The role of wapi
1. In 213, Snowden exposed the Prism Gate incident in the United States, and at the same time revealed that more than a dozen intelligence agencies in the United States, including NSA, Department of Homeland Security, FBI and CIA, buried cryptographic algorithms and security mechanism schemes with obvious technical defects into the international standards they led and participated in through long-term cooperation with American standard-setting institutions, thus implementing the technical standard control path of the global network monitoring plan. This has sounded the alarm for the network and information security of all countries, and all countries have begun to re-examine the security of WIFI and the real intention of the United States to block WAPI, which has also become an opportunity for WAPI to regain its life.
2. For individual users, the biggest benefit of WAPI is to make their laptops safer from now on. As we know, WLAN is very fragile in security because of its fast transmission speed and wide coverage. Because data is exposed in the air during transmission, it is easy for people with ulterior motives to intercept data packets. Although 3COM, Annette and other foreign manufacturers have made a series of security solutions for 82.11, they are not satisfactory in general, and their core technologies are in the hands of other countries. Since they can make them, they must have a way to crack them, so it has become a major hidden danger for government and commercial users to use WLAN in terms of security. WIFI encryption technology has experienced the evolution of WEP, WPA and WPA2, which greatly improved the security and cracking difficulty every time. However, due to the defects of its one-way authentication, these encryption technologies have been cracked and published.
3. WAPI is more advanced than 82.11 because it adopts more reasonable two-way authentication encryption technology. WAPI adopts the elliptic curve encryption algorithm of public key system and the block encryption algorithm of secret key system approved by the Office of the National Cryptography Management Committee, which realizes the identity authentication, link verification, access control and encryption protection of user information in wireless transmission. In addition, WAPI can be divided into single-point and centralized application modes, which can completely reverse the current situation of coexistence and incompatibility of various security mechanisms adopted by WLAN, and fundamentally solve the security and compatibility problems. Therefore, China's compulsory requirement for relevant commercial organizations to implement WAPI standards can protect data security more effectively.
4. In addition, interconnection between devices is a problem that operators must consider. At present, although many manufacturers claim that their products have passed the wi-fi compatibility test, the security solutions proposed and adopted by different manufacturers are different. For example, Annette (AT-WR2411 wireless network card) provides a multi-level security system, including spread spectrum coding and encryption technology. The secure information is encrypted by 4-bit and 128-bit Wired Equivalent Privacy (WEP). However, if 3Com's wireless network card is used in conjunction with 3Com 11 Mbps wireless LAN Access Point 6, it can use advanced dynamic secure link technology, which is different from the scheme of * * * sharing key, and it will automatically generate a 128-bit encryption key for each session.
5. China is a developing country with booming economy, and many products have huge development space, especially high-tech products. However, in the past, China lost a lot of opportunities in high-tech products. Because there were few products with independent core technologies and its own industry standards, it caused a rather passive situation: DVD was charged a lot of patent fees by foreigners, and the standards of GPRS and CDMA1X were in the hands of foreigners. We could only obediently give a lot of money to others to buy their standards, while we were like a "part-time" worker who could only engage in OEM and help people assemble. Therefore, some people say that "first-class enterprises sell standards, second-rate enterprises sell technology, and third-rate enterprises sell products".
3. Competition with WIFI
1. WAPI is a wireless LAN security technical standard independently developed by China with independent intellectual property rights. Compared with WiFi, WAPI can make laptops and other terminal products more secure for users. Although the security of WAPI has been recognized internationally, including the United States, it has always been blocked by the WIFI alliance. First, it claims that the technology is not safe for China, the so-called China; Second, it claims to be incompatible with existing WIFI devices. Due to the blockade of the United States, WiFi has dominated the market.
2. There are few products in the market that simply apply the WAPI security protocol standard, and there are no wireless routers for the time being. Only Lenovo, Sony and Founder have ever introduced notebook computers. In practice, WAPI has been in a state of non-adoption and marginalization. In fact, wireless devices can support both WIFI and WAPI standards, just add a WAPI certificate to the software, and there is no hardware cost or the so-called problem of splitting the whole wireless world. However, the construction of WiFi standard with serious defects will make the national public infrastructure network have great security risks and public information security problems.
3. As early as 26, Kan Kaili, a famous telecom expert and professor of Beijing University of Posts and Telecommunications, said that the only difference between WAPI and WiFi is that WAPI is better than WiFi in authentication and confidentiality. Although WIFI is not compatible with WAPI, laptops or other terminal products applying WAPI standard can automatically switch and receive WiFi signals, even when they are taken abroad.
4. The technical experts of WAPI Alliance told reporters that it is not necessary to buy a separate network card to use WAPI in order to fully promote WAPI in China. "As long as Intel is willing to publish the WAPI software patch of Centrino notebook online or directly embed the driver into the operating system for installation, Centrino notebook or wireless products adopting WiFi standard can apply the WAPI standard wireless network." The expert said, "This matter is a piece of cake for Intel. The key to the problem is whether Intel is willing or not, not whether it can! "
5. In order to be compatible with the devices they produce, even the devices that support WAPI actually still use the WIFI encryption standard, so WAPI has become a decoration. For example, Xiaomi mobile phone and iPhone support WAPI encrypted signals, but if they are really used, they need wireless routers to transmit signals according to WAPI protocol. Otherwise, in the WIFI network environment, the mobile phone terminal still implements the WIFI protocol, which is why WAPI has no presence in China.