China has reportedly filed an appeal with the ISO standards body over its proprietary wireless LAN encryption algorithm: WAPI (Wired Authentication and Privacy Infrastructure) continues to make waves in international security and standards circles. The Chinese official news agency Xinhua reported today that a domestic industry trade group filed appeals in April and May with the international ISO standards body over ethics issues involved in the fast-track rejection of WAPI alongside IEEE 802.11i.
The Xinhua agency reports that the China Broadband Wireless IP Standard Group (BWIPS)--the recently formed WAPI Industrial Union isn't mentioned here--has collected 49 pieces of evidence proving ethics violations. The 802.11i standard was fast-tracked for consideration of approval; WAPI was rejected, in part, according to reports in March of this year, that China failed to disclosed key portions of the specification, including cryptography.
The group of 22 firms that are involved with WAPI's future were earlier reported to include many with government and military investments and control, which is a typical occurrence in China.
I've written a lot about WAPI; you can find earlier posts here. My ongoing concern, shared by many Wi-Fi industry insiders, is that without WAPI being fully published for examination, there's no way to determine the strength and integrity of the protocol--including whether backdoors are part of the standard. I've been told by some readers this is a paranoid attitude, but I'd suggest that events of the last six months make it clear that China wants to be able to monitor all data traversing its local networks and the Internet.
Update: PC Magazine provides a little more background detail on the dispute which centers on the IEEE recommending its own amendment to the ISO standard to IEEE international members, where the Chinese standards' backers believe the IEEE should have presented its members with an impartial representation of the two amendments.
A University of New Haven School of Business professor with a background in Chinese business operations sides with my take on WAPI. She says in this article, "China's WAPI standard could allow backdoor access to the technology, which is not really allowed. And China has no motivation to prevent backdoor access to the technology so this is one of the tussles. It's very characteristic of Chinese business. China has all kinds of on-the-books and off-the-books trade barriers."