"Fast Packet Keying" Improvements to WEP

Weedstock writes: "BBC Tech News has an article about the latest development in wireless networking security. It seems that RSA Security has improved the encryption system used by the protocol. Will this new update finally make wireless networking secure? You can also find a list of papers about wireless security issues here." RSA has a press release about their changes to WEP being accepted by the 802.11 committee.

Re:not that secure

[hawkfan]

The argument against IPSEC and for wireless link crypto is based on the perceived overhead of forcing everything on an internal enterprise network to run IPSEC so that the wireless subnet can be secure.

Using IPSEC on the wireless network only requires the wireless stations and a gateway to run IPSEC. The IPSEC gateway acts like a normal router to the rest of the network. You can even do transparent gatewaying based on proxy-arp.
Our laptops use 802.11b cards without WEP and 2 Linux machines with Prism2 based cards operating in HostAP mode. One AP handles the encryption and allows handoff to the other via proxy-arp depending on which AP has the link to a particular station on their own wired subnet. The primary AP acts as a router to the rest of the unencrypted wired lan. All the stations on the wireless lan are configured to drop all but the IPSEC traffic. This not only protects against spoofing and hijacking on the wireless lan but also gives strong encryption to the traffic.
After the pleasant experience I had with Freeswan on the wireless network I'm considering bringing IPSEC to the rest of the wired network.