RSA Addresses 802.11b WLAN Security Flaw
RSA Security, along with several encryption experts, has developed a new technology that it says will solve one of the major security flaws in 802.11b wireless LANs.
WLANs have been beset by security problems almost since their introduction, but the last year has been particularly troublesome for the much-hyped 802.11b standard. Security researchers found a flaw in the way the WEP (wired equivalent privacy) encryption protocol implements the RC4 algorithm that enables attackers to guess encryption keys by sniffing a small number of packets.
RSAs technology, which the company developed in conjunction with engineers from Hifn Inc. and other IEEE 802.11 committee members, addresses this problem by generating a unique RC4 encryption key for each packet sent over a WLAN. The Fast Packet Keying software saves time by precalculating some of the data needed to generate the keys.
The technology has been accepted by the IEEE as an add-on to its 802.11 standard, RSA said.
RSA also got a helping hand in writing the software from Ron Rivest, one of its founders and the author of the RC4 algorithm.
The new technology is intended to be a firmware or software patch for existing WLANs.
"This shows that you can do it right with a correct implementation," said Mike Vergara, director of product marketing at RSA in Bedford, Mass.