RSA Security Helps Create Solution to Secure Wireless LANs
Expertise and Leadership in Wireless Market Helps Create New 'Fast Packet Keying' Technology for WEP Environments
BEDFORD, Mass., Dec. 17 /PRNewswire/ -- RSA Security Inc. (Nasdaq: RSAS - news), the most trusted name in e-security®, today announced that it has helped create a secure solution for the broken encryption standard in WEP (Wireless Equivalent Privacy) environments. The IEEE 802.11 committee has accepted the new ``Fast Packet Keying'' technology created by RSA Security and Hifn(TM) (Nasdaq: HIFN - news), a market leader in network security and flow classification. The ``Fast Packet Keying'' solution is customized to the hardware environment of wireless LAN products, designed to allow vendors to offer the highest levels of data protection without replacing wireless LAN hardware and to preserve interoperability.
``Fast Packet Keying,'' a new technology based on the RC4® algorithm, is designed to help organizations securely fix the WEP encryption standard. This new WEP solution, developed by RSA Security, Hifn and other members of the 802.11 committee, is designed to generate a unique RC4 key for each data packet sent over the wireless LAN. This solution is intended to be distributed as a software or firmware patch by wireless LAN vendors, allowing their customers to quickly update the existing vulnerable equipment.
It has been widely reported that the WEP protocol -- the standard that outlines how data will be encrypted on the 802.11 wireless LAN -- was implemented in a way that makes it vulnerable to attack. This poses serious risks for businesses that have deployed wireless LANs because any confidential data -- financial transactions, credit card numbers and a company's proprietary information -- that is flowing over these networks can be compromised or exposed.
WEP implementations currently deployed in wireless LAN hardware today use RSA Security's RC4 algorithm for encryption. The attacks against WEP were not a result of a weakness of the RC4 algorithm, but instead a weakness in how WEP derived RC4 keys for different data packets from a secret shared between wireless clients and access points. Simply put, the keys for different packets were too similar. Hackers could exploit this similarity to extract information about the shared secret after analyzing a modest number of packets. Once the shared secret was discovered, a malicious hacker could decrypt data packets being passed along the exposed network. ``Fast Packet Keying'' is designed to avoid the similarities in the packet keys by providing a rapid way to derive unrelated RC4 keys from a shared secret.
``With the incorporation of 'Fast Packet Keying,' organizations can safely turn to wireless networks for operational flexibility and efficiency without sacrificing the integrity of their systems,'' said Doug Whiting, Ph.D., chief scientist at Hifn. ``RSA Security has long been integral both to security architecture and standards, and we were pleased to work with them and share our combined knowledge and expertise. The wireless market now has a strong security solution that is designed to create a secure, interoperable pipeline between the wired network and wireless clients.''
``RSA Security is pleased to have worked with Hifn to quickly develop a new technology to solve a crucial security vulnerability in the wireless LAN market,'' said Scott Schnell, senior vice president of marketing and corporate development. ``Strong security is always the starting point for any wireless business environment, and by securing WEP, businesses can now feel comfortable extending their processes onto wireless LANs.'' |
