World Library  
Flag as Inappropriate
Email this Article

WLAN Authentication and Privacy Infrastructure

Article Id: WHEBN0000763049
Reproduction Date:

Title: WLAN Authentication and Privacy Infrastructure  
Author: World Heritage Encyclopedia
Language: English
Subject: Reference desk/Archives/Computing/2015 July 18, Guobiao standards, SMS4, Standardization Administration of China, Meizu MX
Publisher: World Heritage Encyclopedia

WLAN Authentication and Privacy Infrastructure

WLAN Authentication and Privacy Infrastructure (WAPI) is a ISO. It was resubmitted to ISO in 2010, but was cancelled as a project in 21 Nov 2011 after being withdrawn by China. [1]Part of the reason for withdrawal is thought to be the well documented observations by IEEE representatives that showed WAPI was equivalent to a small subset of IEEE 802.11i based systems.


  • How the Standard Works 1
  • Criticism 2
  • History 3
    • US–China trade dispute 3.1
    • ISO rejection 3.2
    • ISO resubmission 3.3
    • Chinese cell phone usage 3.4
  • See also 4
  • References 5
  • External links 6

How the Standard Works

WAPI, which was initiated to resolve the existing security loopholes (WEP) in WLAN international standard (ISO/IEC 8802-11), was issued to be Chinese national standard in 2003. WAPI works by having a central Authentication Service Unit (ASU) which is known to both the wireless user and the access point and which acts as a central authority verifying both. The WAPI standard (draft JTC1/SC6/N14619) allows selection of the symmetric encryption algorithm, either AES or SMS4, which has been declassified in January 2006 and passed evaluation by independent experts.


One argument was WAPI standard used security through obscurity, another is that it was designed to limit trade into China, as well as requiring foreign companies to provide confidential trade secrets to Chinese corporations.


US–China trade dispute

In late 2003, the Chinese government announced a policy requiring that wireless devices sold in China include WAPI support and foreign companies wanting access to the Chinese market could produce WAPI-compliant products independently or partner with one of 11 Chinese firms to which the standard was disclosed. This issue became a point of trade discussions between the then United States Secretary of State Colin Powell and his Chinese government equivalent. China agreed to indefinitely postpone implementation of the policy.[2]

ISO rejection

The Chinese Standards Association (SAC: Standardization Administration of the People's Republic of China) subsequently submitted WAPI to the ISO Secretaries General decided to send the proposals to parallel fast track ballots. In March 2006, the 802.11i proposal was approved and the WAPI proposal was rejected. This result was confirmed at a Ballot Resolution meeting held in June 2006, during which the SAC delegation walked out.

The result was subject to two appeals by SAC to the ISO/IEC Secretaries General that alleged "unethical" and "amoral" behavior during the balloting process and irregularities during the ballot resolution process. The official Chinese news agency

After the preliminary results were announced in March 2006, various press reports from China suggested that WAPI may still be mandated in China. TBT (Technical Barrier to Trade) declarations to the WTO in January 2006 and a statement in June 2006 to ISO/IEC JTC1/SC6, in which SAC said they would not respect the status of 802.11i as an international standard, seemed to support this possibility. However, as of early 2007, the only official Chinese policy related to WAPI is a "government preference" for WAPI in government and government-funded systems. It is unclear how strongly this preference has been enforced, and it seems to have had little effect on the non-government market.[3]

ISO resubmission

In 2009, the China NB was encouraged by SC6 to resubmit WAPI to SC6.[4] It was allocated the standard number ISO/IEC 20011 after passing the first stage of balloting. Positive votes and commitments to participate in the standardisation process were received from China, Korea, Czech Republic, Switzerland and Kenya. Negative votes were received from the US and the UK. The US and the IEEE 802.11 Working Group provided numerous detailed comments rebutting the case for standardisation made by the China NB in the New Project proposal.

The required comment resolution on the ballot only started in June 2011, with the US, UK, China, Korea and Switzerland NBs and the IEEE 802.11 Working Group all participating. The Swiss NB representative admitted during the process that he was a paid consultant to IWNCOMM, the Chinese source of the WAPI technology. The Kenya and Czech NBs did not participate in the comment resolution process or in any other discussions related to WAPI after the close of the ballot in early 2010.

The comment resolution process failed after agreement could not be established on a variety of fundamental issues. For example, the China NB continued to insist that WAPI was justified because 802.11 included WEP, which is known to be broken. On the other side, the US NB and the IEEE 802.11 NB noted that WEP-based security had been deprecated in favour of WPA2-based security in IEEE 802.11-2007, and that no one had ever alleged any issues with WPA2-based security. In addition, the IEEE 802.11 WG noted that the functionality offered by WAPI systems was equivalent to only a small subset of the security offered by WPA2-based systems.

The China NB eventually withdrew WAPI in October 2011 (document JTC1/SC6N15030) and the project formally cancelled by SC6 in February 2012. The reasons for the withdrawal are unclear. The Chinese proponents of WAPI from IWNCOMM were clearly very unhappy when the withdrawal was announced. It has been speculated that Chinese government authorities ordered the withdrawal on the basis that WAPI had failed to be standardised by ISO/IEC after eight years. In addition, despite mandates for WAPI to be implemented in China in Wi-Fi enabled mobile phones and by the three Chinese service providers, it is very rarely used in practice.

Chinese cell phone usage

Mobile phones in China are controlled by MIIT. Mobile phones coming out in China in 2009 required to support the WAPI standard.[3] One of the sticking points behind the iPhone in China was the support of WiFi without the WAPI standard.[5] In the end, it was released without any WLAN at all.

According to China's State Radio Monitoring Center Chinese, in April 2011 regulators approved the frequency ranges used by a new Apple mobile phone with 3G and wireless LAN support including WAPI.[6] Dell Inc's Mini 3 phones have also received network access licenses for China.[7]

The Chinese government's preference for the WAPI standard in some respects is similar to their preference for the TD-SCDMA for their 3G network.

See also


  1. ^ Minutes of JTC1 Ad Hoc Meeting Thursday PM1, 19 Jan 2012. IEEE Standards Association.
  2. ^ Shim, Richard. "China reaches trade accord, postpones WAPI requirements indefinitely". Retrieved 2009-07-14. 
  3. ^ a b Fletcher, Owen. "Years on, China Pushes WAPI in Mobile Phones". Retrieved 2009-07-14. 
  4. ^ "Made-in-China WAPI standard resubmitted for global use". Retrieved 2009-07-14. 
  5. ^ Burrows, Peter. "Apple Will Strike iPhone Deal In China Three Months Earlier Than Expected, Says Analyst". Retrieved 2009-07-14. 
  6. ^ Fletcher, Owen. "Apple Tweaks Wi-Fi in IPhone to Use China Protocol". Retrieved 2010-05-04. 
  7. ^ Fletcher, Owen. "Pictures of New Dell 3G Phone Put on China Regulator Site". Retrieved 2010-05-04. 

External links

  • SunTzu International LLC on WAPI
  • The Chinese WAPI Delegation has returned from Geneva, where at the headquarters of the International Organization for Standardization it took part in a meeting with a group promoting IEEE 802.11i
  • The International Organization for Standardization (ISO) rejected China's domestic wireless LAN technology to become an international standard
  • ISO/IEC JTC 1 N7904
  • Xinhua May 29, 2006, report on appeals to ISO
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply. World Heritage Encyclopedia content is assembled from numerous content providers, Open Access Publishing, and in compliance with The Fair Access to Science and Technology Research Act (FASTR), Wikimedia Foundation, Inc., Public Library of Science, The Encyclopedia of Life, Open Book Publishers (OBP), PubMed, U.S. National Library of Medicine, National Center for Biotechnology Information, U.S. National Library of Medicine, National Institutes of Health (NIH), U.S. Department of Health & Human Services, and, which sources content from all federal, state, local, tribal, and territorial government publication portals (.gov, .mil, .edu). Funding for and content contributors is made possible from the U.S. Congress, E-Government Act of 2002.
Crowd sourced content that is contributed to World Heritage Encyclopedia is peer reviewed and edited by our editorial staff to ensure quality scholarly research articles.
By using this site, you agree to the Terms of Use and Privacy Policy. World Heritage Encyclopedia™ is a registered trademark of the World Public Library Association, a non-profit organization.

Copyright © World Library Foundation. All rights reserved. eBooks from Project Gutenberg are sponsored by the World Library Foundation,
a 501c(4) Member's Support Non-Profit Organization, and is NOT affiliated with any governmental agency or department.