China battles for recognition of WiFi encryption standard
By Stuart Corner
Tuesday, 30 May 2006
China's official Xinhua news agency has reported that China has lodged an appeal against a March decision by the International Standards Organisation (ISO) to reject its proposal for a WiFi security standard, in favour of one proposed by the IEEE (802.11i).
The move marks the latest development in a long-running saga replete with paranoia that the Chinese standard has been deliberately designed to enable the Government to intercept any communications of its choice. (来源：英语杂志 http://www.EnglishCN.com)
The original WiFi encryption, Wireless Protected Access, was notoriously week and lead both the IEEE and the Chinese to develop replacement standards.
China selected WAPI as its national standard for wireless local area networks in 2003 and initially required all WLAN equipment sold in China to comply with the new technology as of December that year. The decision created huge friction with the US because it would have effectively closed the huge Chinese market to all US developed WiFi products.
According to Xinhua, "during the following annual meetings of the Joint Commission On Commerce And Trade between China and the United States, China agreed to delay the compliance requirement for the WAPI standard because of pressure from the 802.11i camp through the American government."
Both 802.11i and WAPI were put forward to the ISO for adoption as a standard under its fast track approval process and in March the ISO voted overwhelmingly to accept 802.11i and reject WAPI.
Xinhua claims to have access to an appeal to the ISO lodged by the China Broadband Wireless IP Standard Group (BWIPS) in which it claims that the ISO allowed the IEEE to break its rules during the fast-track approval process. BWIPS claims to has collected 49 pieces of evidence proving its case against IEEE.
In its statement, according to Xinhua, BWIPS said: "The serious violations are rare in ISO's standardisation history," and added that IEEE "unjustly" and "unfairly" violated ISO rules which misled many national bodies that voted on the new international standard.
China is asking the ISO to immediately launch an investigation into the fast-track process to determine "whether the ethical and procedural rules and principles have indeed been violated and whether the ballots have been unfairly influenced by those ethical and procedural violations".
"Until results are reached on these important issues, no further processing of the two proposals are allowed," said the appeal, which also asked the ISO to take corrective measures if the ethical and procedural violations are proven. ISO, according to Xinhua, has said it will investigate the claims.
BWIPS has also attacked 802.11i describing it as "immature... containing many serious technical defects and numerous editorial errors": shortcoming which it says should require further evaluation and discussion under ISO rules.
One of the main criticisms levelled against WAPI in the West is that the algorithms are not public and therefore independent verification of the strength of the security is not possible, nor can it be guaranteed that there are not deliberate 'trapdoors'; built in to enable the Chinese government to intercept communications at will. (Some commentators believe this to be a one hundred percent certainty).
However it would not be the first time that secret algorithms have been accepted as international standards. The algorithms used to encrypt GSM phone calls were initially kept secret but detail leaked out in the late 1990s and they have now been comprehensively compromised: it is possible to buy, off the web, devices that will enable any call within range to be intercepted and rendered into clear speech.
Also, recent developments in the US show that the desire for wide scale monitoring of its citizens' communications is not the exclusive preserve of communist states.
And even before the rise of post 9/11 paranoia, there was, and still is the notorious Project Echelon. According to Wikipedia "Echelon is a highly secretive world-wide signals intelligence and analysis network run by the UKUSA Community [which] can capture radio and satellite communications, telephone calls, faxes and e-mails nearly anywhere in the world and includes computer automated analysis and sorting of intercepts."
No wonder the Chinese want their own wireless security standard. And no doubt also they would find a ready market for it elsewhere.