WEP Gets A Bit Stronger

gmr2048 writes: "CNN is reporting that RSA has helped develop "Fast Packet Keying" to strengthen WEP security. More info can be found at the RSA page. Damn, and I'm still working on my Pringles can antenna."

Why do packet-level encryption ?

[Rosco+P.+Coltrane]

Seems to me that the most secure way to do wireless networking is to set up encrypted tunnels :

No bad guy will ever be able to use the network anyway.

You have the choice of encryption policy you want to use and you're in control on how secure you want the network to be.

The overhead of encrypting the packet headers is avoided (granted, the card is supposed to do that transparently, but still I have seen significant slowdowns in lag and throughput when playing with WEP).

The only drawbacks I can think of with doing your own protocol-level encryption are :

Bad guys can still see your bastion host or VPN gateway in clear and have a go at it (DoS or otherwise), and script kiddies might want to have a try because they think it's in clear, while when they see WEP in place they might not even try.

You have to set up a VPN and the infrastructure that goes with it (duh) while you don't have to with WEP.

It's a little harder for Windows users to use your service, if you use PPTP, or it's impossible altogether if you use something Windows doesn't understand, or it's costly because you have to buy third-party Windows VPN software (I don't deal with Windows users, thank God, so problem solved for me).