How is WPS supposed to work?

Photo of author

Tim Higgins

WPS is a wireless security setup protocol that the Alliance brokered as a way to get Buffalo, Intel, Atheros, Broadcom and Microsoft to stop working at cross-purposes. WPS combines elements of Broadcom’s Secure Easy Setup, Buffalo’s AOSS (AirStation One-Touch Secure System), Atheros’ JumpStart, Intel’s Smart Wireless Technology and Microsoft’s WCN (Windows Connect Now) into a single method for getting a wireless network securely set up quickly and easily.

As with similar brokered initiatives such as WPA, WPS has taken way too long to get into actual products. But now that it is, I don’t think it really works.

I just, once again, tried a "matched set" of Wi-Fi Certified for Draft 2.0 802.11n router and card that supported WPS in both the router and client driver / utility. I started with the router and client in their "out-of-the-box" settings, which included no wireless security, but WPS enabled in the router. I got them associated and then pressed the WPS button on the router and in the client utility.

After about 10 seconds, the client and router reported successful completion of the WPS session. But imagine my surprise when I found that the connection was still unsecured! I ran the test multiple times, sometimes starting the WPS session on the client first, other times the router first. But the result was always an unsecured connection.

This isn’t the first product I’ve found where a WPS session didn’t automatically create a key and use it to set up a WPA2 secured (or the strongest security that both client and AP would support) connection. I had a similar experience with the Edimax BR-6504N, i.e. client and router supported WPS, session would complete, but security would not be set from an unsecured state.

I also couldn’t get WPS to work on a D-Link DGL-4500. And while Trendnet’s TEW-633GR supported WPS, the client utility for its "matching" TEW-621PC card didn’t. All of these products have Wi-Fi 802.11n Draft 2.0 Certification and all, except the Trendnet pair, carry WPS PIN and PBC Certifications.

But my main question is, am I incorrect in my understanding that WPS is supposed to take a router and client card from an unsecured to a secured connection without having to choose a security mode in the router and enter a key? The Alliance’s white paper states:

"With Wi-Fi Protected Setup, the user simply activates the AP and the client device, then either enters the PIN provided by the manufacturer of the AP (PIN configuration) or pushes buttons on the AP and client device(s) (PBC configuration) to initiate the secure set-up. The user is no longer involved in setting a passphrase; the security codes are activated and communicated automatically."

So far, I’ve yet to see this happen…and in products that have passed Wi-Fi certification that includes WPS.

So, somebody out there help me, please. What am I missing?

Related posts

How We Test: SmallNetBuilder’s Wireless Testbed V2

The new SmallNetBuilder wireless testbed once again uses octoScope's core technology and kicks it up a size.

Bye Bye 40 MHz Mode in 2.4 GHz – Part 1

Updated - If you've been wondering why your new 802.11n router won't link higher than 130 Mbps in the 2.4 GHz band, we have the answer.

Why Surround Wi-Fi Is Better

The days of the big honkin' router are coming to an end.