EAP-FAST the new security protocol

BANGALORE: Cisco Systems acknowledged security problems with its proprietary Lightweight Extensible Authentication Protocol (LEAP) and has released a new security protocol, that it said eliminates the threat. Said an online report.

Cisco acknowledged that Cisco LEAP is vulnerable to dictionary attacks, in a notice on its Web site and subsequently released its EAP Flexible Authentication via Secure Tunneling (EAP-FAST) protocol, which it said is not vulnerable to dictionary attacks. According to the company users could continue using LEAP, if they have a strong password policy in place.

Asleap, a tool released by a security architect of Johnson & Wales University, attacked the protocol ,forcing Cisco to come out with a solution to the flaw.