Broken wireless LAN gets fix

The standards committee responsible for the broken wireless LAN encryption algorithm, WEP, has approved a fix for the system.

The standards committee responsible for the broken wireless LAN encryption algorithm, WEP, has approved a fix for the system.

RSA Security and Hifn, two of the companies represented on the committee, have stated that the technique can be applied to existing equipment. A committee of the Institute of Electrical and Electronics Engineers (IEEE) approved the fix, which is responsible for Wired Equivalent Protocol (WEP) and a clutch of other wireless LAN standards.

The fix for the WEP encryption standard uses a technique called fast-packet keying to rapidly generate unique encryption keys for each data packet transmitted. According to RSA and Hifn, equipment suppliers can distribute the fix either as a software or firmware patch, allowing users to update vulnerable devices.

Traffic on wireless LANs can be overheard by anyone with an appropriate radio receiver, so the WEP standard was adopted by the IEEE 802.11 standards committee as a way of encrypting this traffic to make it as secure as traffic on wired LANs.

However, flaws in the encryption algorithm meant that it was relatively simple to guess the keys with which successive packets of data were encrypted on WEP wireless LANs, because the keys were too closely related to one another.

Current implementations of the WEP standard use RSA Security's RC4 algorithm for encryption.

RSA Security defended its encryption algorithm, saying the successful attacks against WEP were not a result of any weakness in RC4, but rather in how WEP created encryption keys for each data packet based on a code known only to the base station and the remote terminal in the wireless LAN. The keys for different packets were too similar, RSA said, meaning that hackers could exploit the similarity to deduce the secret code and, with it, the content of all network traffic.

RSA Security said the fast-packet keying method could be used to reduce the similarity between keys used to encrypt successive data packets, making it harder for hackers to guess the secret code known to the network terminals.

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.