It's reported that security researchers have broken WPA Wi-Fi encryption. Is that really true, or is it just the usual silly summer linkbait? In IT Blogwatch, bloggers unpick the breathless reporting and tell us what's really happening. By Richi Jennings.
August 28, 2009.
Your humble blogwatcher has selected these bloggy morsels for your enjoyment. Not to mention peripherals... Nate Anderson dons his tinfoil hat:
Researchers have come a step closer to breaking open a common WiFi encryption scheme. An attacker can now read and falsify short packets in the common TKIP version of WiFi Protected Access (WPA) encryption in about one minute, a huge speed increase from the previously-required 12-15 minutes.
The current attack comes courtesy of Toshihiro Ohigashi (Hiroshima University) and Masakatu Morii (Kobe University), and it is outlined in a new paper (PDF) of theirs called "A Practical Message Falsification Attack on WPA." It builds on 2008 research from a pair of German students, research that also attacked WPA TKIP systems and could read individual packets, craft new data for them, then recalculate a legitimate packet checksum.
Nick Farrell offers this inoffensive, lepidopteroid racial stereotype:
Japanese boffins took time out from fighting giant moths to work out how to break the WPA encryption system used in wireless routers in just sixty seconds. ... It has been known that WPA could be broken for some months now, but these researchers have come up with a theoretical attack and made it practical.
Both attacks work on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm ... [which] is a bit long in the tooth. It was designed as an interim encryption method as WiFi security was developing. ... However there is still a fair bit of WPA with TKIP kit out there since 2006. Newer WPA2 devices that use the stronger Advanced Encryption Standard (AES) algorithm remain safe for now.
Jose Vilches looks back:
The attack builds on the so-called "Beck-Tews method" unveiled last year by researchers Martin Beck and Erik Tews. However, that method worked on a smaller range of WPA devices and took between 12 and 15 minutes to carry out. Both attacks work on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm.
They aren't key-recovery attacks -- but give hackers a way to read encrypted traffic sent between computers and certain types of routers that use the outdated encryption system.
Glenn Fleishman gets technical:
Ohigashi and Morii use a physical man-in-the-middle (MitM) as part of their solution. ... A directional antenna that lets them intercept and reuse an ... initialization vector (IV) ... the station only receives the falsified packet, and thus doesn't receive an out-of-sequence number. This most likely requires a directional antenna which can overpower the broadcast of the access point for a given client; it might also work with a distant omnidirectional access point if the attacker had a more powerful omni.
The ... approach has other refinements, such as monitoring the network for periods of low usage and then switching from the pure repeater mode into a key recovery mode in which the malicious party attempts to recover the encrypted checksum, blocking communication between the station and access point during this time. ... They reduce the time necessary for a crack by making additional assumptions about ARP packets that let them solve for the checksum about 37 percent of the time, and check whether they've recovered the key.
But Scott Merrill couldn't care less:
Be like me, and forget trying to encrypt your transmission method, and rely instead on strong encryption at the protocol level. All of the wireless networks I've set up at home have been wide open. If you're not using SSL or TLS for your traffic anyway, you're doing something wrong. Besides, I hate having to key in security details when I visit friends' protected wireless networks.
To sum up, William Garrison mans the harpoons:
TKIP was fundamentally broken, by design. ... It allowed router manufacturers to use something better than WEP without having to beef up their hardware. It worked well, and bought several years before it was completely broken.
Anyone who has a router using TKIP bought at a bad time, and is stuck with something that's only a little better than WEP.
So what's your take? Get involved: leave a comment.
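The practical takeaway from the bloggers above is to stop offering TKIP and run WPA2 with AES (CCMP). Here is an added defender-side check, not code from this post or from any of the quoted bloggers: a Python audit of hostapd-style access-point configuration that flags any pairwise cipher list still offering TKIP. The hostapd key names are real; the two config snippets are constructed sample input.

```python
"""Audit hostapd-style access-point configs for TKIP exposure:
any pairwise cipher list that offers TKIP is flagged, a CCMP-only
(WPA2/AES) configuration passes. Config snippets are constructed."""

# Constructed sample: WPA/WPA2 mixed mode, still offering TKIP to WPA clients.
MIXED_AP = """\
interface=wlan0
ssid=home-mixed
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
"""

# Constructed sample: WPA2 only, CCMP (AES) only.
HARDENED_AP = """\
interface=wlan0
ssid=home-secure
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
"""

def parse_hostapd(text):
    """Return {key: value} for key=value lines, skipping blanks and comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            conf[key.strip()] = value.strip()
    return conf

def audit_hostapd(text):
    """Return a list of findings; an empty list means no TKIP is offered."""
    conf = parse_hostapd(text)
    wpa = int(conf.get("wpa", "0"))  # bit 0 = WPA (v1), bit 1 = WPA2/RSN
    if wpa == 0:
        return ["wpa=0: no WPA at all (open or WEP)"]
    findings = []
    wpa_pairwise = conf.get("wpa_pairwise", "").split()
    # hostapd uses wpa_pairwise for RSN too when rsn_pairwise is not set
    rsn_pairwise = conf.get("rsn_pairwise", "").split() or wpa_pairwise
    if wpa & 1 and "TKIP" in wpa_pairwise:
        findings.append("WPA (v1) offers TKIP via wpa_pairwise")
    if wpa & 2 and "TKIP" in rsn_pairwise:
        findings.append("WPA2 offers TKIP via rsn_pairwise")
    return findings
```

Running `audit_hostapd(MIXED_AP)` reports the TKIP offer to WPA clients, while `audit_hostapd(HARDENED_AP)` returns an empty list.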
Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and spam. A 24 year, cross-functional IT veteran, he is also an analyst at Ferris Research. You can follow him as @richi on Twitter or richij on FriendFeed, pretend to be Richi's friend on Facebook, or just use good old email: firstname.lastname@example.org.