Q

Is WEP sufficient?

My boss thinks that 40 bit WEP running on our wireless LAN access points is sufficient. I disagree. Will you help resolve this dispute?
Actually, you're both right. You boss is correct in that the flaw in the wired equivalent privacy (WEP) encryption algorithm is independent of the encryption key length (40 bit vs. 128 bit). Therefore, 40 bit encryption works just as well as 128 bit encryption with WEP enabled. This will be resolved in the upcoming WPA/TKIP standards. You are correct in that WEP isn't the only security mechanism that needs to be in place. There are dozens of physical access, AP hardening, and client security issues that need to be addressed to properly deploy a secure wireless LAN. Stay tuned to my future postings where I hope to address these.
This was first published in May 2003

Dig deeper on Mobile Authentication and Encryption

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchConsumerization

SearchNetworking

SearchTelecom

SearchUnifiedCommunications

SearchSecurity

Close