This story was printed from ZDNet Australia.
Wireless flaw can be corrected


April 18, 2001
URL: http://www.zdnet.com.au/news/security/soa/Wireless-flaw-can-be-corrected/0,130061744,120216332,00.htm


Researchers have shown that the protocol used to encrypt data carried by 802.11b wireless LANs is vulnerable. Can workarounds be used until a new protocol arrives?

The recent discovery of several security vulnerabilities in the Wireless Equivalent Privacy (WEP) protocol included with 802.11b wireless local area network (WLAN) technology will have caused alarm to IT managers using this type of equipment in any part of their network.

IT Week Labs believes that current WEP offerings are adequate for securing data at smaller sites and home offices, providing there are periodic WEP key changes. However, large firms with vital wireless data to safeguard should look to the encryption alternatives that are now available.

Although future versions of 802.11 security will be less vulnerable to hacks and easier to deploy, the Institute of Electrical and Electronics Engineers (IEEE) and the Wireless Ethernet Compatibility Alliance (Weca) face an uphill battle to restore confidence in WEP.

Both the IEEE, which helped to develop WEP, and Weca, which enforces interoperability among vendors, say that the protocol was never intended to be a complete security solution, but rather provides protection that is equivalent to that of wired networks. The IEEE has known about WEP's vulnerabilities since October last year, and the IEEE's Task Group E was charged with enhancing the 802.11 media access control layer to add security and quality-of-service features to the specification.

An enhanced version of WEP, called WEP2, is set to be approved by the IEEE soon, and will remove some of the vulnerabilities by implementing 128-bit encryption keys and better encryption algorithms. However, WEP2 is still based on the same RC4 encryption algorithm and integrity check (IC) value system as its predecessor.

The WEP2 changes will reduce problems with the initialisation algorithm used for encryption. But it is possible that the interoperability of WEP encryption key management could suffer, and there could also be vulnerabilities in integrity checking.

At the moment, WEP relies on the use of identical static keys that are deployed on client stations and access points. As a result of this, key management becomes quite difficult as the number of clients increases.

Cisco has addressed this issue via its Lightweight Extensible Authentication Protocol (Leap) for its 802.11b Aironet devices. As part of the log-in process, clients dynamically generate a new WEP key instead of using a static key. All clients have unique keys, which reduces, but does not eliminate, problems with the initialisation algorithm.
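
The effect described in the two paragraphs above, as an added example that is not part of the original article: frames sealed under the same key and initialisation vector (IV) are XORed with the same RC4 keystream, so the simulation counts how often that pair repeats with one shared static key and with a unique key per client. The 24-bit IV is WEP's; the random IV choice, station count, key values and simplified frame body are assumptions constructed for illustration.

```python
import random
import zlib
from collections import Counter

IV_BITS = 24  # WEP prepends a 24-bit IV to the secret key for every frame

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Standard RC4: key scheduling, then n bytes of keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_seal(iv: bytes, key: bytes, payload: bytes) -> bytes:
    """Simplified WEP body: RC4(iv || key) XOR (payload || CRC-32 check value)."""
    body = payload + zlib.crc32(payload).to_bytes(4, "little")
    return bytes(a ^ b for a, b in zip(body, rc4_keystream(iv + key, len(body))))

def reused_keystreams(keys_by_client: dict, frames_each: int, seed: int = 1) -> int:
    """Count frames sent under a (key, IV) pair that an earlier frame already used."""
    rng = random.Random(seed)  # assumption: each frame picks a random IV
    seen = Counter()
    for key in keys_by_client.values():
        for _ in range(frames_each):
            seen[(key, rng.getrandbits(IV_BITS))] += 1
    return sum(count - 1 for count in seen.values())

# Constructed deployment: 20 stations, 5-byte (40-bit) keys.
CLIENTS = [f"sta{i:02d}" for i in range(20)]
STATIC_KEY = {c: bytes.fromhex("0102030405") for c in CLIENTS}   # one shared key
UNIQUE_KEYS = {c: bytes([i + 1]) * 5 for i, c in enumerate(CLIENTS)}  # key per login

if __name__ == "__main__":
    print("reuse, shared static key:", reused_keystreams(STATIC_KEY, 5000))
    print("reuse, per-client keys:  ", reused_keystreams(UNIQUE_KEYS, 5000))
```

With a shared key every station draws from the same 2^24 IV space, so repeats grow with the square of total traffic; per-client keys confine repeats to each station's own frames, which lowers the count without bringing it to zero.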

The IEEE's Task Group E has approved a draft designed to establish an interoperable authentication and key management system similar to Cisco's, and tentatively called Enhanced Security Network (ESN). ESN marks the debut of Advanced Encryption Standard (AES) encryption and will probably not be part of the 802.11 wireless standard until next year. Leap is intended to be interoperable with ESN.

Other 802.11 products provide better encryption than WEP, but this protection generally comes at the cost of interoperability. Users can also deploy encryption wares that use virtual private networks, Secure Sockets Layer (SSL) or Pretty Good Privacy (PGP) encryption, but this can mean large investments of time and money.
