News Archive (1999-2012) | 2013-current at LinuxGizmos | Current Tech News Portal |    About   

Secure WiFi client stack supports WPA2, CCX, Linux

Nov 7, 2005 — by LinuxDevices Staff — from the LinuxDevices Archive — 17 views

Devicescape Software is shipping a cross-platform WiFi stack for wireless consumer and office client devices, such as digital televisions and gaming consoles, printers, LCD projectors, and VoWiFi (voice-over-WiFi) handsets. Secure Wireless Client 1.0 (SWC) targets Linux and supports the latest WiFi chipsets, security standards, and Cisco extensions, the company says.

Devicescape (formerly Instant802) has previously marketed its Universal Wireless Platform (UWP), which comprises a complete commercial Linux distribution and WiFi stack for wireless access points. However, SWC is the company's first portable, off-the-shelf product targeting client devices. Unlike UWP, SWC does not include a full Linux implementation — it comprises user-space “supplicant” software that provides security, authentication, connection, and roaming management.


SWC interfaces diagram
(Source: Devicescape)

Devicescape hopes SWC will help client device vendors implement WiFi quickly, with high confidence of achieving Wi-Fi Alliance certification. The Alliance uses Devicescape software as the “gold reference standard” in its certification tests, the company claims.

Cross platform

Vice President of Marketing Glenn Flinchbaugh says SWC was written with portability in mind, to address the diversity of the WiFi client market. As a result, SWC is Devicescape's first product to support both embedded Windows and embedded Linux platforms. The product is available initially for Linux 2.4, 2.6, and uClinux, in addition to both Windows CE 5.0 and Windows Mobile 5.0.

He explains, “Wireless access points seem to all be running Linux. There's a little bit of NetBSD out there. But we don't see semiconductor vendors doing a lot of VxWorks with their chips. On the client side, Linux is a big force, but devices are still running multiple OSes, including VxWorks, Windows CE, iTron, and so on.”

SWC is written in ANSI C for portability, and is tested on Intel's x86, PXA27x, and IXP processors, as well as on MIPS, Flinchbaugh says. It has little driver dependency, and can work with essentially any chipset for which a suitable driver exists. It has been validated with recent chipsets from the “big three” WiFi chipmakers — Atheros, Broadcom, and Marvell — and Devicescape can supply verified drivers for some chipsets, he adds.

Cisco-compatible extensions (CCX)

According to Flinchbaugh, Devicescape is the only embedded WiFi stack vendor with a CCX license, and it can provide a version of SWC with CCX functionality to customers with CCX licenses.

Cisco Compatible Extensions extend WiFi standards with proprietary technology aimed at improving performance and interoperability in various ways. Flinchbaugh explains, “CCX is interesting because Cisco has a 70 percent share of the enterprise AP market. People say it's vendor lock-in for Cisco, but the positive side is better roaming, QoS, and security.”

He adds that CCX is especially interesting for VoWiFi applications. “The first three versions of CCS were for laptops, but CCX v.4 is a 'voice release.' Cisco is going after VoWiFi handsets,” he says.

Market research from ABI suggests that “converged” mobile handsets with both cellular and WiFi radios will catch on, because WiFi works better than cellular indoors.

Typical access points support only five simultaneous voice calls, Flinchbaugh says, due to high protocol overhead and the way 802.11 handles timeslices. “It's crazy, because you have a theoretical throughput of 11Mbps on 802.11b, and voice calls are only 16-32Kbps. But, if you do some tricks with QoS [using CCX], you can get it up to 30 to 40 calls on an access point.”

The CCX 4.0 release additionally adds support for power saving techniques for embedded devices. “Phones will shut down the WiFi chip, and wake it up periodically, but the AP has to buffer data. If you time that right, you have fine quality of voice, but can save battery power,” Flinchbaugh explains.

CCX also adds support for a number of EAP (extensible authentication protocol) methods, Flinchbaugh says, including an 802.1x method for integration with Radius servers that Cisco donated to open source. Devicescape can support all available CCX EAP methods, Flinchbaugh claims. “No matter what somebody is building, they can get the right EAP method to gain a strategic advantage,” he said.

WPA2

In addition to CCX-based security, SWC supports WPA2, the newest wireless security standard from the Wi-Fi Alliance. Flinchbaugh says demand for WPA2 runs high among Windows Mobile device makers, because Microsoft does not offer a WPA2 client suitable for embedded use. “Microsoft doesn't provide it, and apparently isn't going to provide it. Technology trickles down from Windows XP to Windows CE, and while WPA2 was recently added to XP, the client is 70MB.”

The entire SWC stack, in contrast, has a footprint of about 150KB, exclusive of the SSL library. Devicescape can supply an OpenSSL library with a footprint of about 1MB, Flinchbaugh says, and SWC also supports embedded SSL libraries from PeerSec and Certicom.

Availability

SWC is available now, priced at $50K per device project. Devicescape's UWP product has shipped since February, priced at $75K per project.


 
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.



Comments are closed.