Agere Reveals WLAN Security Upgrade
November 12, 2001
WEPplus to replace WEP as company addresses security vulnerabilities in the original data encryption method.
Agere Systems today announced the introduction of a new security enchancement for wireless LANs. Called WEPplus, it is an enhancement to the Wired Equivalent Privacy (WEP) encryption methodology used with IEEE 802.11 solutions.
WEPplus is designed to be used with Agere Systems' ORiNOCO WLAN products including its Access Server 2000 and Access Point 2000. The company stated that the new security enchancement will be included in the company's new Winter Software release, available for free Internet download. It will be included in all products shipped beginning November 23, 2001, the company said. Its primary purpose is to prevent hacking by programs such as AirSnort, which were able to exploit 'weak' key components of the standard WEP encryption implementation.Several industry papers in the last few months have highlighted the vulnerabilities of 802.11 WLANs using the standard WEP method. WEPplus, according to Agere, ensures network integrity on ORiNOCO-branded or OEM-branded Agere Systems' Wi-Fi wireless LAN products. Agere highlighted the fact that complete interoperability with other Wi-Fi certified products will still be maintained, despite the non-WEPplus' products susceptability to potential attacks.
In describing the new implementation, Agere Systems ORiNOCO product manager stated that the company has developed a new way of implementing WEP that "avoids the use of certain initialization vectors that create weak keys that can be easily intercepted and broken."
Agere systems has made the new WEPplus security enchancement available from their Web site. It also emphasized the point that users of products based on ORiNOCO systems need to download new drivers and software from their manufacturer's Web site. An can also be found at their site
Matthew Peretz is Managing Editor of 802.11-Planet.com