Wireless Networking Encryption Security Hardware

Stronger Encryption for Wi-Fi

sp00 writes "The first products certified to support Wi-Fi Protected Access 2, the latest wireless security technology, were announced by the Wi-Fi Alliance on Wednesday. The Wi-Fi Alliance says WPA2 is a big improvement on earlier wireless security standards, such as Wired Equivalent Privacy (WEP), which hackers have found easy to circumvent. It includes Advanced Encryption Standard, which supports 128-bit, 192-bit and 256-bit keys."
  • WPA2? (Score:3, Informative)

    by Trygve ( 75999 ) on Wednesday September 01, 2004 @09:37PM (#10134645)
    Correct me if I'm wrong, but isn't WPA2 just the WiFi Alliance being stubborn about what to call 802.11i? I mean, WPA was just supposed to be 802.11i minus everything that required hardware upgrades. WPA2 is just 802.11i, only not a real standard, ooh boy!
  • Re:Question (Score:3, Informative)

    by ericpi ( 780324 ) on Wednesday September 01, 2004 @09:38PM (#10134654)
    I believe MAC filters are inherently less secure than encryption: The MAC addresses, I believe, are sent in the clear (i.e., not encrypted), so all someone has to do is listen to which devices are already operating on the network, then spoof their MAC to match.
  • by Anonymous Coward on Wednesday September 01, 2004 @09:39PM (#10134658)
    All of the known WEP attacks are based on receiving weak IV frames (usually after sifting through gigabytes of data). Modern WiFi chipsets (i.e., those made within the last 2 years or so) do not send weak IV frames all that often, if at all.

    It is not as easy as everyone says. Try it with some brand-new, high quality equipment and you may be surprised at the result.

  • Re:Question (Score:4, Informative)

    by ericpi ( 780324 ) on Wednesday September 01, 2004 @09:47PM (#10134725)
    At first, you don't transmit anything. (Since, as you point out, the whitelist would prevent the access point from responding to you, anyway.) However, you just listen to the existing legitimate traffic. Then clone your device with the same MAC as one of these legitimate (and already on the whitelist) devices.
  • by ctime ( 755868 ) on Wednesday September 01, 2004 @09:49PM (#10134757)
    The original design specs for WPA included the ability to flash/BIOS upgrade the code on the wireless adaptor to support these newfangled protocols... pending the original hardware has the processing ability to support the new stuff (256-bit AES encryption, e.g., might be difficult on really early adaptors)... although I might add AES encryption is actually less CPU intensive than, say, WEP, but it could remain a problem.

  • Re:WPA2? (Score:5, Informative)

    by lizrd ( 69275 ) <(adam) (at) (bump.us)> on Wednesday September 01, 2004 @10:05PM (#10134856) Homepage
    Not exactly. Wi-Fi/WPA/WPA-2 are all industry standards based on the various 802.11? IEEE standards. The difference is that WECA (Wireless Ethernet Compatibility Alliance) actually does testing rather than just publishing standards like IEEE does. In order to get the fancy sticker on the package you need to pay a couple of grand and get your product tested to the standards. The benefit of certification is that you have some idea that the product was actually implemented to the standard correctly.

    That said, WPA-2 provides basically zero benefit over WPA. WPA relies on the same RC-4 algorithm as WEP, but has a few patches put in place to resolve the problems it had. The most important one is using a new key for each frame. Given a choice between an algorithm that can be broken given 11MB of data and one that has no known attacks, do you think that it matters which you use to encrypt 1500 bytes? Not really.

    The good news about WPA-2/802.11i (same thing, just certified and a less scary name for the PHBs) is that it breaks hardware compatibility, and that means there's a chance that things have been done right this time.
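Added example, not part of the thread: the "new key for each frame" point from the comment above, shown with RC4 in Python. It goes slightly beyond the comment by assuming WEP's 24-bit IV and a 48-bit frame counter; `mixed_key_encrypt` is a hypothetical SHA-256 stand-in, not TKIP's actual key-mixing function, and the key and payloads are constructed.

```python
import hashlib
import math

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key scheduling, then XOR data with the keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def wep_style_encrypt(secret: bytes, iv: int, frame: bytes) -> bytes:
    """WEP seeds RC4 with the 24-bit IV prepended to the shared secret."""
    return rc4((iv & 0xFFFFFF).to_bytes(3, "big") + secret, frame)

def mixed_key_encrypt(secret: bytes, counter: int, frame: bytes) -> bytes:
    """Assumed stand-in for per-frame key mixing: SHA-256 over the secret
    and a 48-bit counter, truncated to 16 bytes (not the real TKIP mix)."""
    per_frame = hashlib.sha256(secret + counter.to_bytes(6, "big")).digest()[:16]
    return rc4(per_frame, frame)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def frames_until_likely_repeat(bits: int) -> int:
    """Birthday bound: randomly chosen IVs drawn before a repeat is ~50% likely."""
    return round(math.sqrt(2 * (2 ** bits) * math.log(2)))

SECRET = bytes.fromhex("0102030405")   # constructed 40-bit key
P1 = b"constructed frame number one"   # constructed payloads, equal length
P2 = b"another constructed payload!"

if __name__ == "__main__":
    c1 = wep_style_encrypt(SECRET, 0x000001, P1)
    c2 = wep_style_encrypt(SECRET, 0x1000001, P2)  # 24-bit IV has wrapped
    print("repeated IV, C1^C2 == P1^P2:", xor(c1, c2) == xor(P1, P2))
    m1 = mixed_key_encrypt(SECRET, 0x000001, P1)
    m2 = mixed_key_encrypt(SECRET, 0x1000001, P2)
    print("48-bit counter, C1^C2 == P1^P2:", xor(m1, m2) == xor(P1, P2))
    print("random 24-bit IVs: ~50% chance of a repeat after",
          frames_until_likely_repeat(24), "frames")
```
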

  • by brain159 ( 113897 ) on Wednesday September 01, 2004 @10:21PM (#10134953) Journal
    Sufficient for what?

    Keeping a serious attacker away from your data, if it's specifically you he's after? Possibly not.

    Keeping a casual war(mode-of-transport)'er out of your WLAN to stop him leeching your bandwidth? Probably.
  • by John Courtland ( 585609 ) on Thursday September 02, 2004 @12:31AM (#10135560)
    I'd set up at least PPTP VPNs. If not, then IPSec and an IDS. Explain it to them thusly: If you get owned, not only do you have to figure out what the hell happened (before it happens again), but you have to repair and replace a lot of data. I just lost a router and have yet to perform forensics on it to determine exactly WTF went wrong, but it looks like a trademark script kiddie attack, which is dirty and it pretty much wasted that box. And this is just my house where it might take me an hour to get it back up. You're at a company. Get your systems tightened down before that happens to you and your job becomes jeopardized.
  • by Anonymous Coward on Thursday September 02, 2004 @01:20AM (#10135847)
    You must be thinking of the mid 1990's. There are presently no real restrictions on the export of strong crypto, aside from some minor details like not exporting it to known terrorist countries, etc. Besides, the NSA did not ever regulate cryptography; that was the BXA.

    In other words, your concern is baseless.
  • Re:Flaw fixed? (Score:3, Informative)

    by MoralHazard ( 447833 ) on Thursday September 02, 2004 @01:23AM (#10135857)
    It wouldn't be a bad idea to use something like this for non-broadcast Ethernet either, now that I think of it.

    Um, yes, it WOULD be a bad idea. WEP/WPA/WPA2 are all server-client protocols, in that they encrypt transmissions between a number of remote clients and a single central point. In order to make the analogy hold to wired Ethernet, you would have to make every Ethernet switch/hub/router support the crypto interaction with clients. As well as replacing every NIC in existence.

    And even then, the encryption wouldn't buy you much, because it only encrypts between the Ethernet hosts and the switch. It CAN'T encrypt transmissions past the switch, because it would be hiding the IP addresses and port numbers that are needed to route the packets at an IP level. If you wanted to move the link-level encrypted packets further, you would have to either decrypt them and transmit them upstream in the clear, or you'd have to configure every single route in between your endpoints with the WEP-ish key. Which would defeat the point of encrypting, because in order to use this on the Internet, everybody on the Net would have to have the same key.

    This is one of the reasons why we have things like IPSEC and VPNs--they're based on PKI systems, or they're built with a centralized authenticator/concentrator, or both. And they encrypt IP packet contents, not the IP packet itself (including the header info), meaning that any router can pass them without having to open the crypto-envelope.

    WEP and its relatives are link-level encryption, and only meant for a single physical hop, and they're not particularly scalable. They're niche solutions that either wouldn't work or wouldn't be worthwhile for most other applications.
  • by interiot ( 50685 ) on Thursday September 02, 2004 @01:25AM (#10135870) Homepage
    ASIC? ASIC?? Aren't most routers these days implemented on top of a general-purpose CPU? [sveasoft.com]

    And yes, the WRT54G already does AES-128 in its stock form [linksys.com].

  • Re:Question (Score:2, Informative)

    by Minna Kirai ( 624281 ) on Thursday September 02, 2004 @03:15AM (#10136347)
    You would need special equipment, I imagine,

    Nope.

    unless there is a way to get a standard card to listen to all traffic on a given channel

    Yep. Lots of normal cards can do this easily. The rare cards that can't are considered "crippled". A few cards can collect more than 1 channel at once.
  • by Anonymous Coward on Thursday September 02, 2004 @10:23AM (#10138467)
    RTFM.

    I use passphrase keys all the time in Linux using iwconfig. Just because you don't know how to read the manual does not give you license to trash Linux for your own inabilities.
  • Is the AP connected to your internal network behind your firewall?

    If so, you should lay on the best encryption you have. If you can see other APs on the block, they can see you, too. You don't want someone to come in and rifle through your network, or release a worm or whatever. It is prudent to consider anything connected to the AP as untrusted.
    The best solution, in my mind, is to put a firewall between your APs and your internal network, and allow only VPN access to your internal net. A few steps back in paranoia from that is to use the best security your hardware supports.

    64-bit WEP is only one step up from an open AP. It'll keep the honest people honest, but will barely cause the dishonest people to break stride.

    With a Centrino-based laptop, the boss's machine (almost certainly) has good enough hardware and OS to support WPA. With WinXP, it'll even roam between different networks reasonably well when he takes it home or wherever. If your AP doesn't support WPA, then at least use the highest level of WEP available to you... and consider getting a new AP that supports WPA2. (I think the Proxim Orinocos look good, but I haven't got one yet. Their AP-600 sounds about right for your use.)

    If you're doing IT for this company, you need to be able to get your users' machines set up right, even the CEO's. Y'all only need to enter that nasty hex password once on each machine; it's not that big a burden and you can do it for him.

    If he won't let you do it, tell him that it's your job to protect his company, and in order for the company to be protected this must be done. He can do it or you can, but it must be done.

    If he still refuses, I'd either kill the AP (pulling the patch cable from the switch back in the server room should do nicely) or resign. This sounds extreme, but if he's not letting you do your job right, you probably don't want to work there anyway. Besides, he's probably not updating his virus scanner like you told him to, either. :-)

    I trust it won't come to that, though. If you lay the issues out for him and tell him that it's his company's data (possibly financial data) at stake, I think he'll listen. Good luck!
  • by jeremyhu ( 164852 ) on Thursday September 02, 2004 @12:21PM (#10140063) Homepage
    Even if he is a prick about it, it's still partially true. Linux's pcmcia-cs has good tools for setting up multiple wireless profiles with your pcmcia devices (just look at /etc/pcmcia/wireless). And it's easy to use the passphrase on linux... just instead of entering the hex, you enter 's:' or maybe it's 'p:'... I forget off the top of my head.
