PBCentral.com


Is Your Wireless Connection Secure?

May 21, 2001
by Brad Knowles
Columnist

Wireless connectivity is becoming pervasive among Mac users, whether through the use of AirPort technology or that offered by Farallon or Lucent/Agere. But should you worry about the security of your wireless network?

40-bit WEP is the norm for 802.11b, and it's not interoperable with higher levels of encryption -- it's either nothing or the full amount that the card is capable of, and if that doesn't match what's on the other end, then you're screwed. So, a single WaveLAN/Orinoco Gold card with 128-bit WEP encryption is incapable of using any encryption at all, if the rest of the network is 40-bit WEP (and, everyone on the network would have to turn off encryption to make it work).

The 802.11b security articles (see http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html) have made it clear that it doesn't matter what level of WEP encryption you have, since the easiest way to break any of them is through the 24-bit initialization vector that they all share, regardless of the level of encryption.

Of course, 40-bit encryption can be cracked with trivial ease. With a small distributed network of computers and without any particularly special hardware, back in 1997 a university student cracked a 40-bit key in 3.5 hours -- see http://news.cnet.com/news/0-1007-200-316184.html. Since each one-bit reduction in key size makes it twice as easy to break, you should be able to break a 24-bit initialization vector in about two-tenths of a second on a comparable distributed network.

In 1998, the EFF reported the results of their "Deep Crack" machine that was built out of standard off-the-shelf gate array technology to crack the DES 56-bit key, and did so in just 56 hours -- since each additional bit doubles the length of cracking time, this means similar hardware could crack a 40-bit key in about three seconds (56 hours * 60 minutes/hour * 60 seconds/minute = 201600 seconds, and 2^16 = 65536, so 201600/65536 = ~ 3.076 seconds).

All this aside, shared secrets suck. Even if you had strong crypto and you didn't have any crippling "back door" weaknesses such as an incredibly short IV, you'd still have to have people going around manually typing in the same password on all the various machines. This simply won't happen in environments like airports (where they're installing laptop-friendly lounges to let people surf while they wait for their plane) or most any other public space.

Heck, even when you go to a conference populated by extremely technical and knowledgeable people (such as a USENIX Technical conference) and where virtually everyone who has capable hardware can be presumed to know how to properly configure their machines to handle encryption, they *still* don't do it -- even the conference organizers don't bother to configure the equipment to support encryption.

No, the best thing to do is to use 40-bit encryption (only) to raise the bar slightly, but assume that everyone will be reading everything that gets sent over your card anyway (you do still have that 24-bit IV), and to have a second layer of software-only encryption (e.g., using ssh to access remote hosts across the internet, or SSL to access remote websites) that is done on top of the WEP layer.

Unfortunately, because of the way WEP is implemented, even if encryption is turned on, and you've configured all the devices to allow only closed networks, it's still possible for someone to come in and hijack your network, or decrypt and capture all your traffic.

It just takes more work on their part. Standard, freely available WAN/LAN packet capture tools can be used to find out what the 802.11b Ethernet "MAC" layer addresses are. Then the attacker sits and waits for enough statistical information to be gathered (there's a great deal of redundant information in most TCP/IP network communications) to break the IV and retrieve cleartext. Once that's broken, the shared secret can easily be retrieved (without even having to try to brute-force it).

At that point, it becomes a trivial exercise to spoof the allowed MAC addresses and access the network (capturing all that sensitive data), or to hijack the network and use it for whatever nefarious purpose you may have in mind.

Up until now, governments and businesses around the world have depended a lot on physical security to keep their networks from being broken into -- if a cracker can't get access to a network port, it's hard for them to do much to the system.

Unfortunately, 802.11b technology cuts those wires and lets those signals pass through walls, and you can't necessarily control who might be on the other side of those walls. Nor can you control the kind of technology they might have access to.

Worse, the developers of the 802.11b protocol realized this and came up with WEP as their claimed solution to the problem, but it has fundamental flaws that prevent it from being anywhere near as secure as simply preventing someone from getting access to the network ports in the first place.

Bruce Schneier teaches us that security is a process, and cryptography is just a key element of that process (see http://www.counterpane.com/crypto-gram.html). If the designers of the 802.11b standard had used strong cryptography as part of a protocol that has had extensive testing performed on it, they would have stood a decent chance of ameliorating some of the problems that they were creating by introducing a wireless protocol. Unfortunately, they failed to do that part of their job.

How long do you want to bet it will take for a cracker toolkit to come out that will do all the necessary stuff on a standard PC (or Macintosh) and a standard 802.11b card? All they need to do is integrate the existing "sniffer" tools with the code to do the statistical analysis of the captured traffic, looking for the IV.

 


Copyright © 1996-2009 HENT Online LLC. All Rights Reserved.