Re: LEAP Security Vulnerabilities??

["Stephen Sprunk" <ssprunk () cisco com>]

Thus spake "Richard A Steenbergen" <ras () e-gerbil net>
> On Thu, Jun 13, 2002 at 02:34:29PM -0500, Stephen Sprunk wrote:
> > The choice of RC4 was unfortunate given the above problem,
> > but the coming switch to AES should fix that.
>
> Most existing wireless APs cannot keep up with 802.11b doing
> RC4 (which is EXTREMELY light on the cpu) at line rate.   I'm
> afraid to see what they consider acceptable for AES, anything
> done as a firmware upgrade is going to be quite limiting. At least
> for 802.11a I believe they're doing better.

Most vendors chose to do their RC4 encryption in software and consequently can't
do more than 1-2mb/s -- caveat emptor.  That's hardly a failing of the 802.11
WG; at least one vendor can do RC4 (and soon AES) at wire rate.

"You can have it good, fast, or cheap -- pick two."

S