Wireless Networking Hacked! Should You Worry?
The headlines are abuzz with the latest wireless hacking news. "WPA is dead!" they say. "You were told to run WPA after WEP fell, and now you can't even trust that," many articles warn.
Should you be worried?
Well, if you're running WPA on your wireless access points (APs), maybe, but even then, probably not.
First, WPA version 1 hasn't been the current standard for more than two years: WPA2, the Wi-Fi Alliance's certification of IEEE 802.11i, has been mandatory for Wi-Fi certified devices since March 2006. Any security officer worth their salary should already have secured their APs with WPA2. Still, some users are running completely unsecured APs (yes, open APs are still common). Others run WEP and think they at least have that level of security, not knowing that WEP cracking is close to trivial today. And yes, some people are still running WPA version 1.
Recently, in helping a neighbor turn on wireless security, when I enabled WPA2, their WAP became hideously unreliable despite a firmware upgrade and client patching. Oh well, WPA's better than WEP, and it meant I would be back to "help out" 10 more times over the next few weeks.
So, should my neighbor be worried? Not really.
Beck and Tews' attack works only against a subset of WPA networks. First, the AP must be using TKIP (Temporal Key Integrity Protocol), the RC4-based cipher WPA adopted so that WEP-era hardware could be upgraded, rather than the more secure AES-based Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). Security-conscious wireless administrators have been running CCMP from the beginning, but many APs default to TKIP or to auto-selection (which means you aren't sure which protocol is actually in use).
Next, the AP must have the quality-of-service extension called Wi-Fi Multimedia (WMM, based on IEEE 802.11e) enabled. TKIP keeps a separate replay counter for each QoS traffic class, so a frame the attacker has captured and modified can be re-injected on a class whose counter is still lower; without WMM there is a single counter and the replay is simply dropped.
What about authentication mode? The attack is on the TKIP cipher, not on how the keys were negotiated, so the paper does not require the PSK (Pre-Shared Key, or Personal) mode; in principle a network using Enterprise mode with 802.1X or certificate-based authentication is just as affected if it negotiated TKIP. PSK still matters for a different reason: a short or guessable pre-shared key can be brute-forced offline from a captured handshake, which is why you've always been told to use long (17 characters or longer), complex pre-shared keys. In corporate environments, many of today's 802.11 APs use Enterprise mode anyway.
Now, if both of these things are true (you have a WAP running WPA with TKIP and WMM enabled), and they easily can be, you still don't have much of a problem.
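If you want to know which of these conditions your own AP meets rather than trust an "auto" label in its admin page, the information elements in its beacons tell you. The following script is an added example, not from the article or from Beck and Tews' paper: it parses hand-constructed beacon bodies carrying the RSN, WPA and WMM information elements and flags the TKIP-plus-WMM combination. The SSID and the beacon bytes are made up for illustration; the element formats are those of IEEE 802.11-2007 and the Wi-Fi Alliance vendor-specific elements.

```python
"""Audit a beacon's security information elements (IEs) for the two
Beck-Tews preconditions: TKIP offered (as pairwise or group cipher) and
WMM enabled. Added example, not from the article or the paper; the beacon
bodies are constructed by hand, not captured traffic. Formats follow
IEEE 802.11-2007 (RSN IE, element ID 48) and the Wi-Fi Alliance WPA and
WMM vendor-specific IEs (element ID 221, OUI 00:50:F2)."""
import struct

RSN_OUI = b"\x00\x0f\xac"          # IEEE 802.11i suite selector OUI
MSFT_OUI = b"\x00\x50\xf2"         # WPA (type 1) and WMM (type 2) vendor IEs
CIPHER_NAMES = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
AKM_NAMES = {1: "802.1X", 2: "PSK"}


def ie(eid, payload):
    """Encode one element as ID, length, payload."""
    return bytes([eid, len(payload)]) + payload


def iter_ies(blob):
    """Yield (element_id, payload) for each element in a beacon body."""
    off = 0
    while off + 2 <= len(blob):
        eid, length = blob[off], blob[off + 1]
        yield eid, blob[off + 2:off + 2 + length]
        off += 2 + length


def parse_suite_list(payload, off, oui):
    """Read a little-endian count followed by 4-byte suite selectors."""
    (count,) = struct.unpack_from("<H", payload, off)
    off += 2
    types = []
    for _ in range(count):
        if payload[off:off + 3] == oui:
            types.append(payload[off + 3])
        off += 4
    return types, off


def parse_security_ie(payload, oui):
    """Parse the body shared by the RSN IE and the WPA IE (vendor prefix
    already stripped): version, group cipher, pairwise list, AKM list."""
    off = 2                                   # skip the 2-byte version
    group = payload[off + 3] if payload[off:off + 3] == oui else None
    off += 4
    pairwise, off = parse_suite_list(payload, off, oui)
    akms, _ = parse_suite_list(payload, off, oui)
    return {"group": group, "pairwise": pairwise, "akm": akms}


def audit_beacon(blob):
    """Summarise ciphers, key management and WMM, then flag the
    combination the attack needs: TKIP anywhere plus WMM."""
    report = {"wpa": None, "rsn": None, "wmm": False}
    for eid, payload in iter_ies(blob):
        if eid == 48:
            report["rsn"] = parse_security_ie(payload, RSN_OUI)
        elif eid == 221 and payload[:3] == MSFT_OUI:
            if payload[3] == 1:               # WPA (version 1) IE
                report["wpa"] = parse_security_ie(payload[4:], MSFT_OUI)
            elif payload[3] == 2:             # WMM information or parameter IE
                report["wmm"] = True
    ciphers, akms = set(), set()
    for sec in (report["wpa"], report["rsn"]):
        if sec:
            ciphers.update(sec["pairwise"])
            akms.update(sec["akm"])
            if sec["group"] is not None:
                ciphers.add(sec["group"])
    report["ciphers"] = sorted(CIPHER_NAMES.get(c, str(c)) for c in ciphers)
    report["key_mgmt"] = sorted(AKM_NAMES.get(a, str(a)) for a in akms)
    report["tkip_offered"] = 2 in ciphers
    report["beck_tews_exposed"] = report["tkip_offered"] and report["wmm"]
    return report


# Constructed beacon bodies. First a "WPA/WPA2 mixed" AP: WPA IE offering
# TKIP, RSN IE offering TKIP and CCMP with a TKIP group key, WMM on.
MIXED_BEACON = (
    ie(0, b"neighbor-net")                                        # SSID
    + ie(221, MSFT_OUI + b"\x01" + b"\x01\x00"                    # WPA IE, v1
         + MSFT_OUI + b"\x02"                                     # group TKIP
         + b"\x01\x00" + MSFT_OUI + b"\x02"                       # pairwise TKIP
         + b"\x01\x00" + MSFT_OUI + b"\x02")                      # AKM PSK
    + ie(48, b"\x01\x00" + RSN_OUI + b"\x02"                      # RSN: group TKIP
         + b"\x02\x00" + RSN_OUI + b"\x02" + RSN_OUI + b"\x04"    # TKIP, CCMP
         + b"\x01\x00" + RSN_OUI + b"\x02"                        # AKM PSK
         + b"\x00\x00")                                           # RSN capabilities
    + ie(221, MSFT_OUI + b"\x02\x00\x01\x80")                     # WMM info element
)

# The same AP after the fix: WPA2 with CCMP only. WMM can stay on.
CCMP_BEACON = (
    ie(0, b"neighbor-net")
    + ie(48, b"\x01\x00" + RSN_OUI + b"\x04" + b"\x01\x00" + RSN_OUI + b"\x04"
         + b"\x01\x00" + RSN_OUI + b"\x02" + b"\x00\x00")
    + ie(221, MSFT_OUI + b"\x02\x00\x01\x80")
)

if __name__ == "__main__":
    for name, beacon in (("mixed", MIXED_BEACON), ("ccmp-only", CCMP_BEACON)):
        print(name, audit_beacon(beacon))
```

The mixed-mode beacon is the interesting case: even though CCMP is on the list, TKIP is still the group cipher and is still offered to any client that asks for it, so the AP is exposed. Point the same parser at the element bytes from a real capture (airodump-ng or Wireshark will show them) to audit your own network.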
The current attack recovers the plaintext of a single ARP packet, the keystream that encrypted it, and the Michael MIC key for the AP-to-client direction; it does not recover the "secret key" (the temporal or pairwise key), so it cannot decrypt the session. Getting that far takes about 12 to 15 minutes, because each chopped byte triggers a MIC failure report and TKIP's countermeasures force the attacker to wait a minute between them. The reward is the ability to send seven (some sources say 15, but the paper's authors say seven) unauthorized, one-way network packets to the client per recovered keystream, after which the 12-15 minute cycle starts over.
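To see where the number seven comes from, here is an added example (not from the article or from the paper) that models only the TKIP replay check: a receiver keeps one replay counter per WMM traffic class, so a frame chopped on one class can be re-injected once on each of the other seven classes. The keystream reuse and MIC key recovery the real attack also needs are assumed rather than modelled, and the counter values are small stand-ins for TKIP's 48-bit sequence counter.

```python
"""Why WMM matters: model of the TKIP replay check that turns one recovered
keystream into seven injected frames. Added example, not from the article
or the paper. Only the replay counter (TSC) logic is modelled; the real
attack also needs the recovered keystream and Michael MIC key to produce
frames the client accepts, and the real TSC is a 48-bit counter."""

NUM_TIDS = 8      # 802.11e/WMM traffic identifiers (user priorities)


class TkipReceiver:
    """Replay check as a TKIP station runs it on frames from its AP."""

    def __init__(self, qos_enabled):
        self.qos_enabled = qos_enabled
        # Highest TSC accepted so far: one counter per TID when QoS is on,
        # a single counter for all traffic when it is off.
        self.tsc = [-1] * (NUM_TIDS if qos_enabled else 1)

    def accept(self, tid, tsc):
        """True if the frame passes: its TSC must exceed the last value
        accepted on the same TID (or the single counter without QoS)."""
        idx = tid if self.qos_enabled else 0
        if tsc <= self.tsc[idx]:
            return False
        self.tsc[idx] = tsc
        return True


def simulate_injection(qos_enabled, captured_tid=0, captured_tsc=1000):
    """The attacker has chopped a frame seen on captured_tid with TSC
    captured_tsc. TKIP mixes the TSC into the per-packet key, so forged
    frames must reuse that exact TSC. Count how many the receiver takes."""
    rx = TkipReceiver(qos_enabled)
    # Legitimate traffic up to and including the chopped frame has already
    # moved the captured TID's counter to captured_tsc.
    for t in range(captured_tsc + 1):
        rx.accept(captured_tid, t)
    accepted = 0
    for tid in range(NUM_TIDS):
        for _ in range(2):          # second try per TID shows replays fail
            if rx.accept(tid, captured_tsc):
                accepted += 1
    return accepted


if __name__ == "__main__":
    print("with WMM/QoS:", simulate_injection(True), "frames injected")
    print("without QoS: ", simulate_injection(False), "frames injected")
```

With QoS on, the class the frame was captured on rejects the replay and the other seven each accept exactly one forged frame; with QoS off there is one counter and nothing gets through, which is why disabling WMM is sometimes listed as a workaround (fixing TKIP itself is the better one).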
Because the attacker has only one-way communication, what they can do is very limited. They might manage some short-term ARP poisoning or MAC address spoofing, or a quick denial of service or buffer overflow attack, provided it can be done with seven packets over a connectionless protocol such as UDP (a TCP handshake needs replies the attacker cannot read). Essentially the attacker must also already know of unpatched, vulnerable software running on the victim, or hold a previously unknown zero-day exploit for software on the victim, and either must be triggerable with seven one-way packets. It happens. Oh, yes, and they must already know that all the wireless preconditions discussed above are met.
To borrow, paraphrase, and modify one of Bruce Schneier's most popular sayings, "If WPA (version 1) hacking is your biggest security worry, then you're doing better than most of us."
To prevent the hack, configure all your APs for WPA2 with CCMP (AES) only and disable TKIP, including the "mixed" or "auto" modes that still offer TKIP to older clients; a WPA2 network that still negotiates TKIP is just as exposed, because the attack is on TKIP, not on the WPA label. If a legacy client forces you to keep TKIP for now, the paper's authors suggest a very short rekeying interval (120 seconds or less) so the keys change before the 12-15 minute attack can finish. Do that and forget the rest. This, of course, is what you should have been doing for the last two years anyway. For good measure, don't forget to change the default WAP admin password and, if you use PSK mode, to use long pre-shared keys.
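For an AP you run yourself, the knobs look like this in hostapd. The three configurations and the lint script below are an added example, not from the article or from hostapd's own documentation; the option names and the defaults noted in the comments are hostapd's, while the SSID and passphrase are placeholders.

```python
"""Lint a hostapd configuration for settings that keep TKIP, and so the
Beck-Tews attack, in play. Added example, not from the article or from
hostapd; the three configurations are constructed for illustration. The
option names (wpa, wpa_pairwise, rsn_pairwise, wpa_group_rekey,
wpa_ptk_rekey, wmm_enabled) and the defaults noted in lint_tkip are
hostapd's as documented in its sample hostapd.conf."""

# Weak: "WPA/WPA2 mixed" mode with TKIP still offered for older clients,
# an hourly group rekey and WMM on.
WEAK_CONF = """
interface=wlan0
ssid=neighbor-net
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_passphrase=a long random passphrase goes here
wpa_pairwise=TKIP CCMP
rsn_pairwise=TKIP CCMP
wpa_group_rekey=3600
wmm_enabled=1
"""

# Fixed: WPA2 only, CCMP only. WMM can stay enabled once TKIP is gone.
FIXED_CONF = """
interface=wlan0
ssid=neighbor-net
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=a long random passphrase goes here
rsn_pairwise=CCMP
wmm_enabled=1
"""

# Stopgap when a legacy client forces TKIP to stay: rekey well inside
# the 12-15 minutes the attack needs (the paper's authors suggest <= 120 s).
STOPGAP_CONF = """
interface=wlan0
ssid=neighbor-net
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=a long random passphrase goes here
rsn_pairwise=TKIP CCMP
wpa_group_rekey=120
wpa_ptk_rekey=120
wmm_enabled=1
"""


def parse_hostapd(text):
    """Minimal key=value parser; hostapd skips blank lines and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        conf[key.strip()] = value.strip()
    return conf


def lint_tkip(conf):
    """Return a list of findings; an empty list means TKIP is not offered."""
    findings = []
    wpa = int(conf.get("wpa", "0"))          # bit 1 = WPA, bit 2 = WPA2/RSN
    if wpa & 1:
        findings.append("wpa=%d advertises WPA (version 1); set wpa=2" % wpa)
    # hostapd defaults: wpa_pairwise is TKIP, rsn_pairwise inherits
    # wpa_pairwise, and the group cipher becomes TKIP as soon as either
    # list allows it, so a "mixed" AP encrypts broadcast traffic with TKIP.
    wpa_pairwise = conf.get("wpa_pairwise", "TKIP").split()
    rsn_pairwise = conf.get("rsn_pairwise", " ".join(wpa_pairwise)).split()
    via = []
    if wpa & 1 and "TKIP" in wpa_pairwise:
        via.append("wpa_pairwise")
    if wpa & 2 and "TKIP" in rsn_pairwise:
        via.append("rsn_pairwise")
    if via:
        findings.append("TKIP offered via %s; use CCMP only" % " and ".join(via))
        rekey = int(conf.get("wpa_group_rekey", "0"))   # 0: not set here
        if rekey == 0 or rekey > 120:
            findings.append("TKIP kept without a short rekey; set "
                            "wpa_group_rekey and wpa_ptk_rekey to 120 or less")
        if conf.get("wmm_enabled") == "1":
            findings.append("wmm_enabled=1 completes the Beck-Tews preconditions; "
                            "fix TKIP rather than turning off QoS")
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("fixed", FIXED_CONF),
                       ("stopgap", STOPGAP_CONF)):
        print(name, lint_tkip(parse_hostapd(text)) or ["ok"])
```

The stopgap configuration still produces findings on purpose: a short rekey only shrinks the window, it does not remove the cipher the attack targets, so the lint keeps nagging until TKIP is gone. Consumer APs hide the same choices behind labels such as "WPA2-AES" (good) and "WPA/WPA2 mixed" or "TKIP+AES" (not good).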
So, is this new wireless hacking attack really news? Yes, it's news, just not huge news. You don't have to worry about your wireless networks in general, and your wireless users will probably continue to compute uninterrupted and without eavesdropping. To be fair to the authors, they were very clear about what they did and its implications. It's the general media going hog wild with the news.
The biggest threat from this wireless hack is where it leads. Most big, important attacks were the result of smaller, incremental discoveries made along the way. Even this attack builds on the successful techniques of others (e.g. the chopchop attack, first used against WEP). Will this mean that CCMP, the AES-based protocol in WPA2, falls one day? Will someone be able to modify the attack to send two-way communications or more packets?
As Carric Dooley, Microsoft Senior Security Consultant based in the U.K. and uber-hacker said, "The thing is, just like with WEP [hacking], the first attacks took too long and required too much data. Now you can get a WEP key in under a minute. One has to ask how long it will be before subsequent attacks allow discovery of more keystream to reveal actual data for eavesdropping."