Auditing Wi-Fi Protected Access (WPA) Pre-Shared Key Mode
Although the implementation of wireless networks has increased exponentially, the focus on network and information security has not kept pace. Empirical evidence suggests that fewer than one-third of wireless networks have implemented any sort of data encryption, be it wired equivalent privacy (WEP) or Wi-Fi protected access (WPA). Those network administrators and home users who have implemented these encryption methods may have been lulled into a false sense of security. WEP is known to be easily exploited, and substantial although relatively unknown problems exist with WPA when used in consumer mode. This article focuses on data confidentiality provided through encryption by reviewing the flaws in WEP and examining the issues surrounding WPA. Tools that demonstrate the risk of using WPA in pre-shared key (PSK) mode are explored.
WEP was ratified as an IEEE standard in 1999. It was designed to provide moderate protection against eavesdropping on data in transit and unauthorized access to the network resources. This protection was provided through an encryption scheme that utilized a flawed implementation of the RC4 stream cipher. The actual key size of the implementation was misleading, because the keys were 40-bit and 104-bit, with a 24-bit initialization vector (IV) added to the key. This led to the misnomer of 64-bit and 128-bit keys.
WEP suffered from a poor implementation of the key scheduling algorithm and transmitted the flawed IVs in the clear. A general acknowledgement that WEP was not an appropriate method of securing a wireless network came after Fluher, et al., published Weaknesses in the Key Scheduling Algorithm of RC4 in 2001 and the Shmoo Group released the beta version of Airsnort. Capturing approximately five million data packets statistically would ensure the collection of approximately four thousand weak IVs. From this information, Airsnort could discern most WEP keys. These statistically weak interesting IVs received wide recognition within the industry, and as a result, most vendors made changes to their WEP firmware and software implementations that filtered or removed weak IVs.
Older versions of Airsnort and other tools that attacked WEP by examining interesting IVs became unusable as an attack vector against most wireless equipment produced after 2002. In 2004, Korek released a new WEP statistical cryptanalysis attack and while still based on the weaknesses in the key scheduling algorithm, the Korek attack removed the requirement for collection of interesting IVs. This attack has been coded into several tools, most notably Aircrack, WepLab and the newest version of Airsnort. Each tool functions slightly differently, but each requires as few as half as many packets to break WEP than the previous generation of WEP cracking tools.
The IEEE recognized that WEP was not a sufficient method to protect wireless communications and set to work creating a new security standard, 802.11i, also known as WPA2. 802.11i was ratified as a draft standard in early 2004 and includes a robust set of security standards. The 802.11i architecture contains 802.1x for authentication and port-based access control, AES (advanced encryption standard) block cipher and CCMP (counter mode CBC MAC protocol) for keeping track of associations and providing confidentiality, integrity and origin authentication.
Of these robust requirements, AES is the most computationally intensive, and the 802.11b/g hardware that had been fielded for WEP was not up to the task of implementing the AES block cipher. It is likely that companies that fielded enterprise-wide wireless implementations would be concerned about fielding new equipment that was not backwards-compatible; legacy 802.11 hardware would not be capable of interoperating with new 802.11i hardware. This would cause companies either to field all new equipment at once or face a nightmare of interoperability.
Enter the Wi-Fi Alliance, a nonprofit industry association devoted to promoting the growth of wireless local area networks (WLANs). The Wi-Fi Alliance created the WPA specification as a bridging solution that would alleviate the concerns of WEP while providing a bridge to 802.11i. WPA was designed to conform to the majority of the 802.11i specifications. The major exception was WPA would not implement AES for encryption and would continue to use RC4. This methodology ensured that WPA would be backward-compatible with 802.11-certified hardware and forward-compatible with 802.11i hardware. In essence, it would provide a bridge as vendors brought new equipment on-line, allowing companies to leverage the WPA standard while migrating to newer equipment in a phased manner.
Practical Task Scheduling Deployment
July 20, 2016 12:00 pm CDT
One of the best things about the UNIX environment (aside from being stable and efficient) is the vast array of software tools available to help you do your job. Traditionally, a UNIX tool does only one thing, but does that one thing very well. For example, grep is very easy to use and can search vast amounts of data quickly. The find tool can find a particular file or files based on all kinds of criteria. It's pretty easy to string these tools together to build even more powerful tools, such as a tool that finds all of the .log files in the /home directory and searches each one for a particular entry. This erector-set mentality allows UNIX system administrators to seem to always have the right tool for the job.
Cron traditionally has been considered another such a tool for job scheduling, but is it enough? This webinar considers that very question. The first part builds on a previous Geek Guide, Beyond Cron, and briefly describes how to know when it might be time to consider upgrading your job scheduling infrastructure. The second part presents an actual planning and implementation framework.
Join Linux Journal's Mike Diehl and Pat Cameron of Help Systems.
Free to Linux Journal readers.Register Now!
- SUSE LLC's SUSE Manager
- Murat Yener and Onur Dundar's Expert Android Studio (Wrox)
- My +1 Sword of Productivity
- Managing Linux Using Puppet
- Non-Linux FOSS: Caffeine!
- Doing for User Space What We Did for Kernel Space
- SuperTuxKart 0.9.2 Released
- Google's SwiftShader Released
- Parsing an RSS News Feed with a Bash Script
- Rogue Wave Software's Zend Server