Stronger Encryption for Wi-Fi

sp00 writes "The first products certified to support Wi-Fi Protected Access 2, the latest wireless security technology, were announced by the Wi-Fi Alliance on Wednesday. The Wi-Fi Alliance says WPA2 is a big improvement on earlier wireless security standards, such as Wired Equivalent Privacy (WEP), which hackers have found easy to circumvent. It includes Advanced Encryption Standard, which supports 128-bit, 192-bit and 256-bit keys."

"Easy to circumvent"?

All of the known WEP attacks are based on receiving weak IV frames (usually after sifting through gigabytes of data). Modern WiFi chipsets (i.e., those made within the last 2 years or so) do not send weak IV frames all that often, if at all.

It is not as easy as everyone says. Try it with some brand-new, high quality equipment and you may be surprised at the result.

Re:Question

[ericpi]

At first, you don't trasmit anything. (Since, as you point out, the whitelist would prevent the access point from responding to you, anyway.) However, you just listen to the existing legitimate traffic. Then clone your device with the same MAC as one of these legitimate (and already on the whitelist) devices.

Re:WPA2?

[lizrd]

Not exactly. Wi-Fi/WPA/WPA-2 are all industry standards based on the various 802.11? IEEE standards. The difference is that WECA (Wireless Ethernet Compatability Alliance) actually does testing rather than just publishing standards like IEEE does. In order to get the fancy sticker on the package you need to pay a couple of grand and get your product tested to the standards. The benefit of certification is that you have some idea that the product was actaully implemented to the standard correctly.

That said, WPA-2 provides basically zero benefit over WPA. WPA relies on the same RC-4 algorithm as WEP, but has a few patches put in place to resolve the problems it had. The most important one is using a new key for each frame. Given a choice between an algorithm that can be broken given 11MB of data and one that has no known attacks, do you think that it matters which you use to encrypt 1500 bytes? Not really.

The good news about WPA-2/802.11i (same thing, just certified and a less scary name for the PHBs) is that it breaks hardware compatibility, and that means there's a chance that things have been done right this time.