Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Valentine's Day Patch Tuesday: Microsoft to issue 9 patches, 4 critical
Mobile World Congress sneak peek: Quad-core smartphones, Ice Cream Sandwich & more
Microsoft details 'Windows on ARM' program
March debut of 'iPad 3' a sure bet, says analyst
FBI unbolts Steve Jobs 1991 investigation file
Cisco boosted profit, sales in Q2 while cutting costs
Macs take on the enterprise
Four crazy tech ideas from Google's Solve for X project
Obama 2012 campaign playlist revealed courtesy of Spotify
Oracle buying Taleo for US$1.9 billion in direct hit at SAP
Amazon attacks Apple: You get 3 Kindle products for price of iPad 2
Pre-rendered pages highlight latest Google Chrome release
Microsoft exec: Lync-Skype integration a 'compelling opportunity'
The future of hypervisors
/

Wireless LAN security fix proposed

Related linksToday's breaking news
Send to a friendFeedback

By Peter Sayer
IDG News Service, 12/17/01

Network managers worried about the security of their wireless LANs may soon be able to sleep a little easier. The standards committee responsible for the broken wireless LAN encryption algorithm, Wired Equivalent Protocol, has approved a fix to the system which can be applied to existing equipment, according to RSA Security and Hifn, two of the companies on the committee.

The fix for the WEP encryption standard uses a technique called fast-packet keying to rapidly generate unique encryption keys for each data packet transmitted. The fix has been approved by a committee of the IEEE responsible for WEP and a clutch of other wireless LAN standards, RSA Security and Hifn said Monday.

Equipment vendors can distribute the fix as a software or firmware patch, allowing users to update existing vulnerable devices, according to RSA Security and Hifn.

Traffic on wireless LANs can be overheard by anyone with an appropriate radio receiver, so the WEP standard was adopted by the IEEE 802.11 standards committee as a way of encrypting this traffic to make it as secure from eavesdroppers as traffic on wired LANs.

However, flaws in the encryption algorithm meant that it was relatively simple to guess the keys with which successive packets of data were encrypted on WEP wireless LANs, because the keys were too closely related to one another.

Current implementations of the WEP standard use RSA Security's RC4 algorithm for encryption.

RSA Security defended its encryption algorithm, saying the successful attacks against WEP were not a result of any weakness in RC4, but rather in how WEP created encryption keys for each data packet based on a secret code known only to the base station and the remote terminal in the wireless LAN. The keys for different packets were too similar, RSA said, meaning that hackers could exploit the similarity to deduce the secret code, and with it, the content of all network traffic.

The fast packet keying method can be used to reduce the similarity between keys used to encrypt successive data packets, making it harder for hackers to guess the secret code known to the network terminals, RSA Security said.

The IDG News Service is a Network World affiliate.

Related Links

 
NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.