Table Of Contents
Product Bulletin No. 1432
Cisco Shares Findings From
Recent WLAN Security Research
In a recent research paper entitled "Weaknesses in the Key Scheduling Algorithm of RC4," co-authors Scott Fluhrer from Cisco Systems and Itsik Mantin and Adi Shamir from The Weizmann Institute describe a serious attack on WEP that is practical to implement. The paper identifies several weaknesses in the key scheduling algorithm of RC4, a widely used stream cipher in software applications, that can provide unauthorized users with a small number of key bits they can use to construct the "WEP key" necessary to gaining network access.
Cisco is aware of the WEP limitations identified in the paper and regularly conducts internal and external projects in several areas related to wireless local area network (WLAN) security. Cisco has shared its finding through the Wireless Ethernet Compatibility Alliance (WECA) and IEEE 802.11 standards to deliver interoperable security solutions to its customers and the industry.
Cisco is also pleased that the Cisco Aironet® Series of Wi-Fi™ (IEEE 802.11b)-compliant WLAN products provides a security solution to address several of the limitations identified in the paper. This security solution includes Dynamic WEP Key Management, which allows network administrators to set time increments in which WEP keys are exchanged per user, per session. Increasing the frequency in which keys are exchanged helps systems mitigate this type of attack. Cisco maintains time recommendation guidelines for customers based on their security needs and deployments.
This solution, unique to the Cisco Aironet Series, is a result of joint efforts by Cisco, Microsoft, and other industry leaders to define the IEEE 802.1x enterprise-class security architecture for wireless 802.11 networks. Recognizing that no single security scheme works for all customers, in addition to Aironet wireless security solution, Cisco also offers VPN, firewall, and Cisco IOS® Software services to enhance the end-to-end security of networks.
For additional information contact Linda Horiuchi, Public Relations Manager, 408 853-5464 or refer to these documents on security:
Cisco Aironet 350 Series Wireless LAN Security Response to University of Maryland WLAN Security Paper Cisco Aironet Response to Press— Flaws in 802.11 Security