Broadcom announced a one-button WPA security system for home networks and consumer electronics: The new revision of Broadcom's system to make it easier to secure home networks without entering settings is called SecureEasySetup (formerly SecureEZSetup), and is backed initially by Linksys and HP in a press release; Buffalo Technologies separately confirmed that they will also support the system through firmware upgrades.
SecureEasySetup in its simplest form requires manufacturers of Wi-Fi equipment to put an external button on their devices. Pressing such a button on an access point or gateway and then, within a short interval, on a piece of equipment like a Wi-Fi PC Card, a Wi-Fi-equipped DVD/media player, or Voice over IP (VoIP) Wi-Fi phone causes a secure connection to be created between the device and the Wi-Fi router. A WPA Personal key is then provided to the device, enabling it to get on the network with no manual configuration.
This one-button approach can be simulated through client software as well for older devices or devices that don't have the form factor for an external button.
The initial pass on this system last year was welcome but a bit wonky and didn't catch on due to too many manual parts of the process. Broadcom took a page from Buffalo's AirStation One-touch Secure System (AOSS) and took it down to the fewest necessary steps--and no typing.
"All you need to do is press a button on a router, then press a button on the client and then you're done," said Jeff Abramowitz, the senior director of marketing for Broadcom's home and wireless networking business unit. This new system is designed to help people connect all kinds of devices, he said, not just wireless LAN equipment.
He noted that while today most home use involves computers and a gateway, manufacturers are rapidly releasing devices that rely on Wi-Fi as a means, such as Wi-Fi in televisions sets, automotive entertainment systems, and VoIP phones. There's no easy way to enable security with many of these categories of devices. Printers, particularly, are a problem to bring onto a secured network as more and more come with Wi-Fi built in or available through a dock or adapter. Web-based configuration tools for printers and even access points are beyond the level at which most consumers want to interact with their equipment.
Abramowitz said that although their announcement today at the Consumer Electronics Show was made in conjunction with Linksys and HP, Broadcom expects announcements throughout 2005 from consumer electronics makers, VoIP handset developers, and even PC manufacturers who can add a SecureEasySetup button to laptops and desktops. (The button itself, by the way, has no functionality other than to trigger a specific piece of software rather than firmware.)
Read the rest of the story...
The system is set up by first pressing a button on an access point, which then indicates through flashing lights or other signals that it's generating a long WPA Personal key and a unique SSID or network name. The combination of a unique network name and a full-length WPA Personal key eliminates the potential of cracking. (Dictionary-word-based keys in conjunction with default SSID names--like "default"--can be cracked through precomputed databases of short keys.)
After the initial setup, pressing the access point's button again puts it into a receptive mode. Pressing a software or hardware button on a client device initiates the key exchange through a secure tunnel. The only degree of insecurity would lie in someone initiating their own client exchange before the user's client had begun its process. But for home networks, it's unlikely to be a security issue. (Tools for WPA Enterprise are emerging for small offices that should obviate the need for a shared WPA Personal key in this manner, too.)
Abramowitz said that the SecureEasySetup standard would be made available to the Wi-Fi Alliance. "We initiated the task group that is currently in the Wi-Fi Alliance," he said. "Our objective is to create an industry standard." He added, "The good news for Broadcom at this point is that we're the largest player in the wireless LAN silicon marketspace. If we can grow the pie, then it obviously benefits us the most." Reducing the friction for security is one of the steps that helps keep users satisfied.
The SecureEasySetup system looks quite obviously like Buffalo Technology's AOSS, released in early 2004 for their AirStation product line. It's also appeared in a display device from Sharp. I spoke to Buffalo's Morikazu Sano, the vice president of marketing and public relations, to ask him how SecureEasySetup affects Buffalo's approach to the market. (Buffalo press release)
Sano said Buffalo wholeheartedly supports the Broadcom initiative, and Buffalo already has plans to integrate SecureEasySetup as a firmware upgrade for greater interoperability into its existing and future products. "Our messaging has been very very consistent: We would like to see the industry take this one push button method," Sano said. "This one-touch security setup method will help everybody to set these devices up wirelessly in the future, even my mother."
Sano said that he recently upgraded his home network with new (and some yet unreleased devices) from Buffalo all of which had AOSS buttons. He asked his 6-year-old daughter to set up the network security. "It didn't take her 15 minutes to connect four different devices with AOSS technology. She was very excited with pressing buttons and seeing the LED lights flashing quickly," Sano said.
The consumer electronics market is a big issue for Sano, too, who sees a broader acceptance of a single push security solution as aiding the sales of new home devices.
The only concern that might constrict the deployment of SecureEasySetup comes in the patent realm. Sano confirmed that Buffalo has filed for patents on AOSS and has not yet decided on licensing terms. Sano said, "The patent issue for others, we haven't really decided, but our main goal is letting everybody use it." He noted that Buffalo filed the patents defensively to avoid having the rug pulled out from under technology that they had invented.
Patents aside, EasySecureSetup should be a major force through just the initial companies announced--which represent significant parts of the Wi-Fi and printer worlds--in allowing home users to secure their networks with greater ease than ever before.
It works just like my garage door opener and its remotes.