WEP And PPTP Password Crackers Released

Jacco de Leeuw writes "SecurityFocus published an article by Michael Ossmann that discusses the new generation of WEP cracking tools for 802.11 wireless networks. These are much faster as they perform passive statistical analysis. In many cases, a WEP key can be determined in minutes or even seconds. For those who have switched to PPTP for securing their wireless nets: Joshua Wright released a new version of his Cisco LEAP cracker called Asleap which can now also recover weak PPTP passwords. Both LEAP and PPTP employ MS-CHAPv2 authentication." Update: 12/22 00:14 GMT by T : Michael Ossmann wrote to point out his last name has two Ns, rather than one.
  • by Anonymous Coward on Tuesday December 21, 2004 @06:45AM (#11145659)
    It's obvious that people now have the ability to go around neighbourhoods and gain access to these networks for any purpose!

    Can we be blamed if the tenant runs a pot-growing facility in our basement? Is it the same?
  • by Anonymous Coward on Tuesday December 21, 2004 @06:49AM (#11145665)
    Every communication which uses passwords for authentication is susceptible to dictionary attacks. That is not a protocol weakness. If you use a random and long enough password, you'll be fine. Public key based authentication has other risks, like insufficiently secured storage of the key.
  • End-to-End Security (Score:4, Interesting)

    by Renegade Lisp ( 315687 ) * on Tuesday December 21, 2004 @06:54AM (#11145680)
    This just underlines that encryption at the wireless link level may not be the right way to go. Even if the algorithm wasn't so weak -- it strikes me as odd that a whole network should be protected by just a single key, which needs to be present on every individual machine of this network. How easily is this compromised!

    It's far better not to rely on wireless link encryption and encrypt your application-level protocols instead. SSL for web browsing, PGP or S/MIME for e-mail, ssh for login. Far better algorithms, far better key management.

  • Easier for travelers (Score:5, Interesting)

    by ad454 ( 325846 ) on Tuesday December 21, 2004 @06:54AM (#11145681) Journal
    Great, I will be leaving for a business trip soon, and now I can freely *access* those commercial WEP enabled Wi/Fi access points in many airports without risking my credit card.

    Seriously though, Wi-Fi has to be treated like an insecure public network, and anyone who wants to restrict access should use a more secure protocol like IPSec in host-to-host mode. Do not count on Wi-Fi manufacturers to protect you; for some reason they just simply refuse to provide secure products.
  • by Gopal.V ( 532678 ) on Tuesday December 21, 2004 @07:03AM (#11145706) Homepage Journal
    To be truthful, nothing is secure ... It can only be "Secure Enough". If the cost of breaking something is more than the benefit - that is security in one sense.

    Any encryption can be broken - given enough resources ... The trick is to make it so difficult that nobody finds out unless they are prepared to invest more than what you did (time, computing power, money, technology).

    Interestingly in India, according to Department of Telecom [64.233.167.104] website - security means something different :).
    23. Individuals/Groups/Organisations are permitted to use encryption upto 40 bit key length in the RSA algorithms or its equivalent in other algorithms without having to obtain permission from the Telecom Authority. However, if encryption equipments higher than this limit are to be deployed, individuals/groups/organisations shall do so with the prior written permission of the Telecom Authority and deposit the decryption key, split into two parts, with the Telecom Authority.
    We have to keep our private keys in ESCROW to use >40 bit encryption ... Talk about stupid laws (of course which no-one enforces or obeys).
  • by wirelessbuzzers ( 552513 ) on Tuesday December 21, 2004 @07:21AM (#11145744)
    Every communication which uses passwords for authentication is susceptible to dictionary attacks. That is not a protocol weakness. If you use a random and long enough password, you'll be fine. Public key based authentication has other risks, like insufficiently secured storage of the key.

    First, you will note that the attack on WEP (but not on PPTP) is not a dictionary attack and works with a computer-generated random 64- or 128-bit key. This is a protocol weakness.

    Second, a good protocol does protect passwords. Either it establishes an encrypted session with the server, like SSH or SSL does, or it uses a secure password protocol like SRP. SRP in particular has the following properties:

    1) The protocol is entirely public, and open-source implementations are available.
    2) An eavesdropper on the wire does not get a dictionary attack on the password; without breaking the crypto behind the protocol, which nobody has been able to do yet, he gets no information. Of course, he can still do an online attack, but the server should prevent that.
    3) Someone impersonating the server also does not get a dictionary attack on the password, even though the client does not need to memorize a key hash.
    4) Someone who compromises the server database does get a dictionary attack on the password (this is inevitable), but they don't get the password for free. Furthermore, the password is salted, so they have some work to do.
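    The SRP-6a exchange the post describes, as an added example that is not part of the original thread: the server stores only a salted verifier, both sides derive the same key, and a wrong password leaves the two keys unrelated. The group constants here are constructed for illustration (2**127-1 is prime but not a safe prime); a deployment would substitute an RFC 5054 group.

```python
import hashlib
import secrets

# Toy group (constructed for this example, NOT for production): N = 2**127 - 1 is
# prime but not a safe prime, so Z_N^* has small subgroups. Real SRP uses the
# safe-prime groups from RFC 5054; only these two constants would change.
N = 2**127 - 1
g = 3


def H(*parts):
    """SHA-256 over the concatenated parts, returned as an integer."""
    h = hashlib.sha256()
    for p in parts:
        h.update(p if isinstance(p, bytes) else str(p).encode())
    return int.from_bytes(h.digest(), "big")


k = H(N, g)  # SRP-6a multiplier, fixed by the group parameters


def private_x(username, password, salt):
    """RFC 2945 style x = H(salt, H(username:password))."""
    return H(salt, H(f"{username}:{password}"))


def enroll(username, password):
    """Registration: the server keeps (salt, verifier); the password never leaves the client."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(username, password, salt), N)


def exchange(username, password_attempt, salt, verifier):
    """One SRP-6a run. Returns (client_key, server_key); they match only if the password does."""
    a, b = secrets.randbelow(N - 2) + 1, secrets.randbelow(N - 2) + 1
    A = pow(g, a, N)                                  # client -> server
    B = (k * verifier + pow(g, b, N)) % N             # server -> client (with salt)
    if A % N == 0 or B % N == 0:
        raise ValueError("degenerate public value; abort (SRP-6a rule)")
    u = H(A, B)                                       # scrambling parameter, both sides
    # Client: only the real password cancels the k*v term hidden inside B.
    x = private_x(username, password_attempt, salt)
    S_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    # Server: needs only the stored verifier, never x or the password.
    S_server = pow(A * pow(verifier, u, N) % N, b, N)
    return H(S_client), H(S_server)


if __name__ == "__main__":
    salt, v = enroll("alice", "correct horse")
    print("good password, keys match:", exchange("alice", "correct horse", salt, v)[0]
          == exchange("alice", "correct horse", salt, v)[1])
```

Everything an eavesdropper sees (A, B, salt) is independent of the password, and the server-side record holds g^x rather than x, which is the salted-verifier property the post's point 4 refers to.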
  • by PatrickThomson ( 712694 ) on Tuesday December 21, 2004 @07:40AM (#11145790)
    I use openvpn for securing my home network (the access point is open and nonrouting), and although it's a bit of a shit to get set up, I've never had any problems, and I've got 1.5 meg/sec using blowfish from a K6-400 at the other end.
  • by AusG4 ( 651867 ) on Tuesday December 21, 2004 @09:16AM (#11146126) Homepage Journal

    Who still uses WEP? The weaknesses in WEP have been known for some time, and there have been more than a few working crackers in the wild for quite a while now.

    WPA [tomsnetworking.com] is the money. It's far more secure than WEP in that it has key rotation, and some of the snazzier base stations already support AES as the cryptographic algorithm. Most older stations with diligent vendors will at least support WPA with TKIP (RC4 with rotating keys), since it's a trivial addition from a compute-intensiveness point of view.

    That said, if you do insist on sticking with WEP (some people prefer classic cars to modern ones as well, I guess), or even less (i.e., run an open base station), at least ensure that your access point is configured to only allow your specific MAC (as well as those you trust) to peer with it. This will at least keep the bandwidth sucklers off your back.

    Unless, of course, being suckled upon is what you like. At that point, do what you want. I'm Canadian, so my personal bandwidth is everyone's bandwidth.

    Ahhh... socialism. :)

    As for PPTP, switch to using KAME, FreeS/WAN or your IPSec implementation of choice. You can, of course, even use IPSec to do transport level encryption for your wireless connection if your base station doesn't support WPA, though you would need additional boxen to do this, of course.

    Both of these (WPA and IPSec) provide the same functionality as what they replace (WEP and PPTP) with additional security benefits. We moved to WPA for our corporate access points over a year ago and have been running a 100% IPSec (SonicWall, specifically [sonicwall.com]) VPN for just as long. They're functional, production tested and very secure.

    Don't wait. Do it now.

  • by Epistax ( 544591 ) on Tuesday December 21, 2004 @09:47AM (#11146307) Journal
    You're given a key for your computer. This key is entered into a list of keys on the server. The server decrypts each incoming transmission with all valid keys to determine the source, and encrypts all outputted signals with their own keys for each client, and the encrypting and decrypting keys are different.

    So, for each client there are four keys. One to encrypt information sent from client to server (residing only on client), one to decrypt this information (residing only on server), one to encrypt information sent from server to client (only on server), one to decrypt information sent from client to server (only on client). Plus the server has its own internal key so that even if the encryption for two clients between two computers is identical, the decryption is different. Same for the client. Ok ok- 6 keys. ;)

    Ignoring the complication, overhead, and excess noise produced by this, wouldn't it be better than say... WEP? :P This would be something such as an office setting where the area is not very open. Your competitor has the office across the street and you're not allowed to throw rocks at them when they sniff the wireless anymore.
  • IPsec is great (Score:3, Interesting)

    by prisoner ( 133137 ) on Tuesday December 21, 2004 @10:14AM (#11146526)
    it's the client software that's a pain. I use wolverine (linux based firewall) that has pptp and ipsec built in. The pptp connections are easy as windows has a client built in. I cannot, however, find a free client for windows on the ipsec side. Anyone know of one? Yeah, I'm cheap but it's for my home network.
  • I was speaking to an American friend, who lives in Atlanta, recently. He was complaining about this very thing. He owns & manages a variety of types of property which he leases out to people who run bars, restaurants, small businesses, warehouses, and even churches. Occasionally, he has tenants 'disappear' and when he goes down to inspect the property he finds evidence of drug related activities (i.e. rows of HPS lighting, hydroponic setups, and my favorite: money counters). So generally, to keep it off his back, he reports it and has the police come in and take it all in as evidence. Recently, during one of these events the investigating officer arrested him using a little known local law (either Fulton or DeKalb county) which required the owner of the property to report any illegal activities taking place on their properties. The law is so grey that they make no attempt to deal with whether or not the property owner is knowledgeable or a participant. In effect they demand that all property owners become investigators / informants.

    Welcome to post-9/11 America
