Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
The botnet world is booming
What’s driving this university to IPv6? Going green
Google takes direct aim at Microsoft
Microsoft promises to stymie hackers next week with new patches
Chrome OS spotlights rapidly changing mobile Web environment
IT pros continue to lose jobs
How ending exclusivity agreements would change the telecom industry
How to use electrical outlets and cheap lasers to steal data
EMC distances rival NetApp
Crime lab saves energy costs by turning up heat in the data center
IBM security software masks confidential info
Google Native Client provides hints on Chrome OS gambit
Ericsson signs deal to run Sprint wireless, wireline networks
Verizon helping companies assess application vulnerabilities
Internet's biggest issue? IPv6 transition, new ARIN CEO says
Wireless/Mobile /

Wireless LAN security fix on tap from IEEE group

Related linksToday's breaking news
Send to a friendFeedback

By Peter Sayer
Network World, 01/07/02

Network executives worried about the security of their wireless LANs may soon be able to sleep a little easier: The standards committee responsible for the broken wireless LAN encryption algorithm, Wired Equivalent Privacy, has approved a fix to the system that can be applied to existing equipment.

The fix for the WEP encryption standard uses a technique called fast-packet keying to rapidly generate unique encryption keys for each data packet transmitted.

A committee of the IEEE responsible for WEP and a clutch of other wireless LAN standards has approved the fix, according to RSA and Hifn - two companies involved in WEP development.

Advertisement:

Equipment vendors can distribute the fix as a software or firmware patch, letting users update existing vulnerable devices, according to RSA Security and Hifn.

Anyone with an appropriate radio receiver can overhear traffic on wireless LANs, so the IEEE 802.11 standards committee adopted the WEP standard as a way of encrypting this traffic to make it as secure from eavesdroppers as traffic on wired LANs. Other representatives of the 802.11 committee could not be reached for comment.

However, flaws in the encryption algorithm meant it was relatively simple to guess the keys with which successive packets of data were encrypted on WEP wireless LANs because the keys were too closely related. Current implementations of the WEP standard use RSA's RC4 algorithm for encryption.

RSA defends its encryption algorithm, saying the successful attacks against WEP were not a result of any weakness in RC4, but rather in how WEP created encryption keys for each data packet, based on a secret code known only to the wireless LAN base station and the remote terminal. The keys for different packets were too similar, RSA says, meaning hackers could exploit the similarity to deduce the secret code, and with it, the content of all network traffic.

The fast packet keying method can be used to reduce the similarity between keys used to encrypt successive data packets, making it harder for hackers to guess the secret code known to the network terminals, RSA says.

Sayer is a correspondent with IDG News Service's Paris bureau.

RELATED LINKS


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.