RealTime IT News

RSA Unveils WEP Security Breakthrough

RSA Security Inc. today announced a solution for the infamous hole in the WEP (wired equivalent privacy) encryption standard which it developed in collaboration with Hifn, a network infrastructure company.

The new technology, dubbed Fast Packet Keying, has been accepted by the IEEE 802.11 committee. It is based on the RC4 algorithm and is designed to be a repair to the WEP encryption standard. Current WEP implementations use RSA Security's RC4 algorithm for encryption. RSA Security and Hifn explained, however, that the weaknesses in WEP were not based on a weakness in the RC4 algorithm itself - rather, they were based in the fact that WEP derived RC4 keys for different data packets from a 'secret' shared between wireless clients and access points. In the most fundamental terms, the keys for the different packets were too similar and this similarity was exploited with some basic packet analysis. Data packets could then be decrypted once the shared secret was captured.

Fast Packet Keying avoids this problem entirely by generating a unique RC4 key for each and every data packet sent over the WLAN. The two companies stated that this solution to the WEP problem is designed to be distributed as a software or firmware patch by WLAN vendors, so that the repair can be implemented rapidly.

More specific technical information about the Fast Packet Keying solution can be found at the RSA Security, Inc. Web site.

Matthew Peretz is Managing Editor of