Auditing Wi-Fi Protected Access (WPA) Pre-Shared Key Mode

Understand the risks of two wireless security technologies by experimenting with cracking tools.

Although the implementation of wireless networks has increased exponentially, the focus on network and information security has not kept pace. Empirical evidence suggests that fewer than one-third of wireless networks have implemented any sort of data encryption, be it wired equivalent privacy (WEP) or Wi-Fi protected access (WPA). Those network administrators and home users who have implemented these encryption methods may have been lulled into a false sense of security. WEP is known to be easily exploited, and substantial although relatively unknown problems exist with WPA when used in consumer mode. This article focuses on data confidentiality provided through encryption by reviewing the flaws in WEP and examining the issues surrounding WPA. Tools that demonstrate the risk of using WPA in pre-shared key (PSK) mode are explored.

A Little History

WEP was ratified as an IEEE standard in 1999. It was designed to provide moderate protection against eavesdropping on data in transit and unauthorized access to the network resources. This protection was provided through an encryption scheme that utilized a flawed implementation of the RC4 stream cipher. The actual key size of the implementation was misleading, because the keys were 40-bit and 104-bit, with a 24-bit initialization vector (IV) added to the key. This led to the misnomer of 64-bit and 128-bit keys.

WEP suffered from a poor implementation of the key scheduling algorithm and transmitted the flawed IVs in the clear. A general acknowledgement that WEP was not an appropriate method of securing a wireless network came after Fluher, et al., published Weaknesses in the Key Scheduling Algorithm of RC4 in 2001 and the Shmoo Group released the beta version of Airsnort. Capturing approximately five million data packets statistically would ensure the collection of approximately four thousand weak IVs. From this information, Airsnort could discern most WEP keys. These statistically weak interesting IVs received wide recognition within the industry, and as a result, most vendors made changes to their WEP firmware and software implementations that filtered or removed weak IVs.

Older versions of Airsnort and other tools that attacked WEP by examining interesting IVs became unusable as an attack vector against most wireless equipment produced after 2002. In 2004, Korek released a new WEP statistical cryptanalysis attack and while still based on the weaknesses in the key scheduling algorithm, the Korek attack removed the requirement for collection of interesting IVs. This attack has been coded into several tools, most notably Aircrack, WepLab and the newest version of Airsnort. Each tool functions slightly differently, but each requires as few as half as many packets to break WEP than the previous generation of WEP cracking tools.

802.11i and WPA

The IEEE recognized that WEP was not a sufficient method to protect wireless communications and set to work creating a new security standard, 802.11i, also known as WPA2. 802.11i was ratified as a draft standard in early 2004 and includes a robust set of security standards. The 802.11i architecture contains 802.1x for authentication and port-based access control, AES (advanced encryption standard) block cipher and CCMP (counter mode CBC MAC protocol) for keeping track of associations and providing confidentiality, integrity and origin authentication.

Of these robust requirements, AES is the most computationally intensive, and the 802.11b/g hardware that had been fielded for WEP was not up to the task of implementing the AES block cipher. It is likely that companies that fielded enterprise-wide wireless implementations would be concerned about fielding new equipment that was not backwards-compatible; legacy 802.11 hardware would not be capable of interoperating with new 802.11i hardware. This would cause companies either to field all new equipment at once or face a nightmare of interoperability.

Enter the Wi-Fi Alliance, a nonprofit industry association devoted to promoting the growth of wireless local area networks (WLANs). The Wi-Fi Alliance created the WPA specification as a bridging solution that would alleviate the concerns of WEP while providing a bridge to 802.11i. WPA was designed to conform to the majority of the 802.11i specifications. The major exception was WPA would not implement AES for encryption and would continue to use RC4. This methodology ensured that WPA would be backward-compatible with 802.11-certified hardware and forward-compatible with 802.11i hardware. In essence, it would provide a bridge as vendors brought new equipment on-line, allowing companies to leverage the WPA standard while migrating to newer equipment in a phased manner.

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix