Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Wireless Security Standard Has Old Problem?

Posted by simoniker on from the it's-always-something dept.

eggboard writes "Wireless security expert Robert Moskowitz, who sits on IEEE and IETF committees on that subject, sent me a short paper on a glaring weakness in the Wi-Fi Protected Access (WPA) protocol that's replacing the weak and broken WEP system well discussed here at Slashdot. His paper, which I've posted here, proves definitively that while WPA itself remains robust and secure, the interface for choosing consumer passwords makes it simple to snarf a tiny bit of network traffic and perform an offline dictionary attack. For Slashdot readers, this probably seems trivial, but because Linksys, Apple, and others are letting users enter My Dog Has Fleas as their passphrase, WPA might be less secure for home users than WEP."

6 of 249 comments (clear)

  1. Big deal by WolfWithoutAClause · · Score: 4, Informative
    Just about any protocol allows dictionary attacks. Whilst some techniques, like salt, help, ultimately they make the problem for the bad guys only slightly harder.

    Only long passwords and encouraging the users to use good quality passwords/phrases really helps.

    Ultimately though, these passphrases are flawed anyway- they are a form of shared password. History has shown this to be a thoroughly bad idea, one passphrase per user/machine is a far better idea; and even the user shouldn't know what it is (that way it can't get beaten out of them- black cosh crytography works pretty darn well.) These standards organisations aren't even trying.

    --

    -WolfWithoutAClause

    "Gravity is only a theory, not a fact!"
  2. This is *Supposed* to be hard by TechyImmigrant · · Score: 5, Informative

    The idea here (I know, I was there when we voted it into the standard) is that the PBKDF2 is computationally significant.

    Thus when you perform your offline dictionary attack, for each lookup in the dictionary, you must perform 4096 HMAC_SHA1s and this might take some time if you are looking up a large number of dictionary entries.

    The basic conflict is the wide disparity between the power of processors in low end 802.11 transceivers and high end computers. The time to compute the 4096 HMAC-SHA1s is significant on say a slow ARM7TDMI and the 4096 value is a compromise to limit the delay in computing this. This delay affects the time from pressing return on the keyboard, to the time the PTK can be known and communications can begin.

    However the attacker can apply his cluster of 3GHz PCs, or his FPGA HMAC_SHA1 parallel processor, or his supercomputer array, and make the speed of dictionary lookups relatively insignificant compared against the strength of the passwords being used.

    The wise people asked for a much higher number than 4096. Some implementation types beat it down to 4096, and here we are..

    --
    Evil people are out to get you.
  3. Re:WEP newbie question - how bad is it? by Dusty · · Score: 4, Informative

    Ars Technica has a good summary of what you can do with SSID's and WEP to improve your wireless network's security:-

    Security Practicum: Essential Home Wireless Security Practices
  4. Re:My Dog Has Fleas by shird · · Score: 4, Informative

    Actually, a dictionary attack is inlikely to break 'My Dog has Fleas' because it is composed of multiple words, is fairly long, and has mixed case. Dictionary attacks typically involve just one or possibly two words strung together. Anymore and it becomes pretty impratical.

    The only pratical way to find that password is through brute force. In this scenario, the longer the password and more possible different characters (ie lowercase and uppercase, and spaces) makes it more difficult. Thus, 'My Dog has Fleas' would be more secure than 'mdhfaymdt' against a brute force attack. The latter could be broken in a matter of hours through brute force.

    --
    I.O.U One Sig.
  5. Re:At least use WEP! by WuphonsReach · · Score: 5, Informative

    We don't use WEP on our wireless net at the office. Too often, the interaction between the card and the access-point doesn't work well if WEP is enabled (different vendors for the two products).

    Instead, we've segregated all of the WAPs onto a dead-end network where the users have to VPN into our LAN through a border server. (Basically treating them as if they were outside the office and coming in from an external ISP.)

    Works pretty well, other then having to remember to VPN into the network. The traffic ends up encrypted (inside of the VPN tunnel), so it's not possible to sniff passwords.

    --
    Wolde you bothe eate your cake, and have your cake?
  6. WEP isn't that bad to begin with by Brad+Mace · · Score: 4, Informative
    If you're smart when you set up your access point, and turn on WEP, 99.9% of people that might hack your network are going to go find an easier target. The typical figure I've heard is 24 hours or more to get enough traffic to break the encryption. Unless someone knows you have something they want, they're not going to bother.

    Home users are going to generate less traffic than businesses, and so it will take even longer to get enough traffic. Unless you happen to notice a van parked outside your house for a couple days, or find yourself staring down the barrel of a pringles can, you can relax.

    1. Turn off SSID broadcasting
    2. use a unique SSID
    3. For God's sake, change the admin password
    4. Turn on WEP
    5. Use MAC address filtering
    Congratulations, you're now more trouble than you're worth.