China Frustrated In Encryption Talks 252
mikesd81 writes "According to an AP article, the Chinese are pushing for the encryption standard called WAPI. It's not going so well, as the majority of countries are taking the IEEE standard 802.11i. From the article: 'An international dispute over a wireless computing standard took a bitter turn this past week with the Chinese delegation walking out of a global meeting to discuss the technology. The delegation's walkout from Wednesday's opening of a two-day meeting in the Czech Republic escalated an already rancorous struggle by China to gain international acceptance for its homegrown encryption technology known as WAPI. It follows Chinese accusations that a U.S.-based standards body used underhanded tactics to prevent global approval of WAPI.'"
No current implementation? (Score:5, Insightful)
So the Chinese are pushing for a standard that no one can currently verify as being secure and then they get angry?
Re:Maybe I'm too paranoid, but... (Score:4, Insightful)
Re:Maybe I'm too paranoid, but... (Score:5, Insightful)
AES versus a Chinese government-approved algorithm which you can only get a specification for by agreeing to partner with one of eleven Chinese firms is not a difficult decision.
wireless encryption (Score:2, Insightful)
Re:Maybe I'm too paranoid, but... (Score:1, Insightful)
Re:wireless encryption (Score:5, Insightful)
China also seems to be in love with the idea of the central server verifing the security between the client and AP. Centralized key serving scares me even when the implementation is known to be secure. The key servers in China will be controlled by whom?
Re:It boils down to... (Score:2, Insightful)
It is never a good idea to trust technology supplied to you by people with a vested interest in spying on you.
I trust neither (Score:5, Insightful)
If anything, a free and most of all open standard could win my heart. But as long as governments are involved, who have an inherent interest in snooping, I will not rely on their security only and use encryption that is under MY (or at least that of about a billion flaw-seekers worldwide) control.
it's all about money (Score:2, Insightful)
Erm (Score:4, Insightful)
I don't trust China and I don't trust America, but last time I checked "offical" ment jackshit in the tech world. People will use what they deem is best and anything official will either be picked by geeks and become standard or it'll be dead within a few years and replaced by another standard untill geekdom kicks in.
Re:Maybe I'm too paranoid, but... (Score:5, Insightful)
In fairness, the Chinese could have a legitimate reason to want their own encryption standard: they own the IP on it. Down the road there could be quite large licensing costs on 802.11n devices. Since this would be an area where the chinese would have the same cost base (for export) it would have the effect of making chinese router exporters less competitive relatively speaking. They would both be funding their rivals and any cost savings they could make in manufacturing would make up a smaller proportion of the cost of the device.
The actual effectiveness (or lack thereof) of the encryption might be as irrelevant as it is in many standards conflicts.
Re:It boils down to... (Score:5, Insightful)
Not so fast Sherlock... (Score:5, Insightful)
Hypocracy (Score:4, Insightful)
But please, tell me, how many cryptographers were consulted BEFORE the design of WEP? I know of a few who worked on the implementation AFTER the design [e.g. when they couldn't change things]. WEP and WAP [and WiMAX and
Like it's so fucking hard to get a shared-secret lossy communication medium secured... AES + CCM + proper rekeying == router that doesn't cost 69.95$ at Fry's but does == a wifi device you can trust.
Tom
This "standard" is fucking ridiculous (Score:5, Insightful)
That's fucking ridiculous.
The standard is unpublished, and will not be published. It checks in security keys with a centralized Chinese government server.
I cannot imagine a world that would permit this to become an international standard, and if China insists on all equipment manufactured within its borders to have this technology it'll just push electronics manufacturing out of China.
For a long time, people have predicted that the heavy hand of the Chinese government will one day disrupt the economic boom happening there. I hope to god not; an unstable, economically volatile China sounds like a nightmare to me.
Re:censorship (Score:2, Insightful)
Re:Maybe I'm too paranoid, but... (Score:4, Insightful)
Poor diplomacy is counterproductive (Score:5, Insightful)
Raises interesting question (Score:4, Insightful)
And since they own all our manufacturing capacity, there would be little we could do about it. It would take years to tool up enough manufacturing to replace everything we depend on them to produce.
I guess being dependent on foreign oil wasn't good enough. We had to match that folly by sending our component manufacturing overseas as well.
Re:Maybe I'm too paranoid, but... (Score:1, Insightful)
Enjoy the police state.
Re:Maybe I'm too paranoid, but... (Score:3, Insightful)
I fully expect that if their product was made the standard, and some Western nation started ripping it off without paying the licensing fees, the PRC would throw a full-on diplomatic/economic hissy fit. In exchange for royalties, they would agree to consider, in principle, someday, perhaps soon, to appoint a minister to draft a paper on the creation of a committee to enforce and respect other nation's IP within the Chinese domestic market. Or they'd make some noises and arrest some (preferably Western) person for making bootleg DVDs, and then forget about it until the next time trade negotiations roll around.
That's how they do business. Seems to be working for them, though.
Re:"Christian"? WTF? (Score:2, Insightful)
2) By the very definition of Christian (do unto others..., Love your neighbor as yourself..., love your enemy, etc.) anyone who would burn a person out of their house is NOT a Christian. Just like anyone who would commit a suicide attack on innocents (or suicide in general) is NOT acting within the bounds of Islam and are NOT Muslim.
One final thought. I'd much rather trust a person of religious faith (any faith for that matter) that says there is more to this world than what we see and that there is an absolute mandate to be spiritually "good" than I would trust a philosophy that says that the material world, run by materialistic rules, is all that there is (this includes both Capitalism and Communisim).
Re:No current implementation? (Score:2, Insightful)
For quite a few applications, that's enough to deep six SMS4 right there.
Presuming an area full of sniffers, is there much doubt as to the safer choice between published asymmetric and unpublished symmetric?
It's nice that people worry so much about them getting into a snit & walking out of a meeting. I mean, it's not like anyone could just go ahead & make decisions without their input, could they?
Re:I guess the Chinese aren't good diplomats (Score:5, Insightful)
They proposed a secret standard, with a central key repository (located on Chinese government servers). Implementation of this standard was given to 12 Chinese companies, and developing any devices based on this standard requires partnering with these Chinese manufacturers.
It isn't patent-encumbered, but that's because its a secret, and patenting it would require releasing the details.
There isn't any debate to win. Not only is it proprietary versus open, its proprietary and exclusively controlled-and-licensed-and-manufactured by the Chinese government and Chinese state-owned companies.
Everything about WAPI is wrong.
Re:Maybe I'm too paranoid, but... (Score:2, Insightful)
I think this particular sentiment is hilarious in its nature. We have a population and land mass at least as big as any european country - per state. Yes. Our country has problems. It comes from having to manage a LOT more counrty than yours does. So yeah, you provincial fuck, shove it up your ass.
As for thinking how other countries should be run - well, not so much. We suggest capitalist democracy, as that tends to place control, at least in the early stages, in the hands of the citizenry. No, I don't exactly trust a communist government. I'll deal with a socialist government; at least the government's just redistributing resources at that point, but I'm not a fan of 'the government owns everything'. Absolute power and all.
Can't run our own? Been doing it for over 200 years, and despite our issues, are still the number one economic force in the world. I'm not saying we're doing a spectacular job, but honestly, being the best country in the world is like being the valedictorian of summer school.
Police state? Yeah. You're clever. No, seriously, what police state? The one in which we have standards formed by the IEEE? 'cos last I checked, the 'I' stood for 'International'. Not that the wireless standard we use is in any way related to ourpolice statiness.
Dropping the Bomb (Score:3, Insightful)
Re:"Christian"? WTF? (Score:4, Insightful)
Re:"Christian"? WTF? (Score:4, Insightful)
Last night, 60 minutes had a great expose about the plan B. We are trying to move to over the counter since it has been shown to be safe. The admin shelved it due to concerns about under developing kids. getting it. So the company pushed for through the pharmasist, but no prescription needed (i.e. control of the drug). This time, the admin flat out tabled it and even went so far as to speak about moral objections, but not one word of a scientific argument against it.
They are currently trying hard to table a vaccine that would prevent cervical cancer for women, but it has to be admin as a child. The gov. is now fighting it as they argue that it would make women more promiscious( this is the same argument that Reagan used in 1981 to not fund CDC additionally for fighting against the HIV beginning; that religious choice has literally cost America 100's of billions of dollars and 10's of 1000's of lives and will continue to do so until a vaccine is developed). Fortunately, once this admin is gone, it is most likely that the next admin will reverse that choice, and this one will only cost America a few thousand women lives and 100's of millions of dollar (a high price, but it is stoppable).
I do not like Iran, but at least they are open about. They hold an election, and then the freely elected governs in conjuction with islam priest. OTH, America holds and election and if a far right winger gets in, he is beholden to the christian extermists (bear in mind, that the vast majority of christians are not extremists and do not desire to have the church control us; just a small minority who are hard core; Focus on the Family, Pat robertson (1 ton leg lifts or lets murder chavez), Oral Roberts(god is recalling me), and of course, the moral majority (which are neither) ).
Re:Maybe I'm too paranoid, but... (Score:4, Insightful)
WAPI is only avaliable for Chinese manufactures.
In trying to make WAPI the international standard for Wireless Encryption, China is trying to position itself as the defacto manufacturer for all wireless devices, software and/or hardware.
This is not going to work.
Re:No current implementation? (Score:3, Insightful)
Re:"Christian"? WTF? (Score:2, Insightful)
Conversely, people who accept reality are not in the habit of deluding themselves, and are less likely to lie to themselves and excuse their own actions. This is more likely to result in a trustworthy person. "Be true to yourself" is good advice.