Cracks in WPA? How to continue protecting Wi-Fi networks

Behind the WPA crack
Indeed, two German researchers recently published a paper entitled Practical Attacks Against WEP and WPA (.pdf), which describes an attack on WPA implementations that makes use of the Temporal Key Integrity Protocol (TKIP), an encryption algorithm meant to protect the wireless network. By exploiting a vulnerability in TKIP, an attacker eavesdropping on a network can potentially recover the keystream corresponding to extremely short packets (such as those used by the Address Resolution Protocol and DNS) and re-inject traffic of the same length on the network. Essentially, this means an attacker can compromise TKIP encryption enough to introduce malicious ARP and DNS traffic.

Now, before you tear down your WPA network, take a moment to think about the implications of this type of attack. First, it's important to note that the exploit allows the recovery of the keystream and not the WPA key. The keystream is the series of temporary keys used to encrypt traffic for a short period of time while the WPA key itself (which remains secure in the face of this attack) is used to generate these temporary keys. Therefore, a hacker who successfully exploits this vulnerability can't use it to decrypt all of the traffic on a given network. For the most part, data traversing the Wi-Fi network is still secure.

However, this is the first known chink in the armor of WPA-TKIP, which was a stopgap measure put in place to compensate for the significant earlier flaws discovered in the WEP protocol. It would behoove you, as a security professional, to keep your eyes open and pay attention to news of any future WPA vulnerabilities that hit the wire. While this blow merely shakes the foundation of TKIP, so to speak, another significant vulnerability could knock the house down entirely.

Protecting the wireless network
So, after reading this recent WPA vulnerability research, what protections should be implemented? There are two effective approaches that will help preserve the security of an enterprise wireless network:

• Use the Advanced Encryption Standard (AES). WPA offers two different encryption modes: TKIP and AES. While TKIP is based on the same basic mechanism as the outdated WEP protocol, AES is a newer and better encryption method that is actually less of a detriment to network performance. The vulnerability found by the German research team affects only WPA deployments that make use of the TKIP protocol. There are currently no published vulnerabilities in the AES protocol. If you're currently running TKIP, chances are that you can switch your network to AES by changing a single setting on the wireless controller. The only downside to this approach is that some older wireless equipment that doesn't support the AES protocol may no longer be able to access your network. Based upon this vulnerability, I strongly recommend that you immediately begin planning to replace any such hardware in the near future.
• Implement wireless security best practices. You'll still get quite a bit of mileage out of implementing the best practices that networking experts like myself have been preaching for years. For wireless network services in a large enterprise, be sure to use enterprise authentication, rather than a shared password. It's simply not possible to enforce user accountability when thousands of people know the password to a wireless network. If you're running a smaller network and choose to go the pre-shared key (PSK) route, where a key is previously shared between two parties through a secure channel before it needs to be used, choose a strong key of at least 20 characters and change it frequently.

The bottom line is that the sky is not falling as a result of this new Wi-Fi security vulnerability. While there is a notable flaw in the encryption behind WPA-TKIP, it is currently of limited utility. However, I recommend using this announcement as an opportunity to review the security of your own wireless network. For those using TKIP, it's a good time to consider making the switch to AES for your own peace of mind.

About the author:
Mike Chapple, CISA, CISSP, is an IT security professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated. He also answers your questions on network security.

Rate this Tip To rate tips, you must be a member of SearchSecurityChannel.com. Register now to start rating these tips. Log in if you are already a member. Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Mobile and Wireless LAN Security Offering secure remote access technologies and services Savvy VARs should capitalize on wireless LAN security services Offering SaaS for securing mobile devices Must-haves for wireless network security: WLAN switches, intrusion detection and more How to increase the RF footprint and bandwidth of a wireless network How to manage guest user authentication when building a wireless network Wireless network security: 802.11i and WPA basics Ten steps to wireless LAN security Penetration testing -- Securing wireless access points Demand for mobile security, management unaffected by Symantec delay Securing Network Protocols Wireless network security: 802.11i and WPA basics Packet flow from all networks Wireless network security upgrade offers additional sales opportunities Voice over IP security: A learning guide VPNs: SSH Security and IPv6 Filter network traffic with IPsec filtering rules Network Security How to help customers choose a network access control product Offering SaaS for securing mobile devices How to perform a network security audit for customers Host-based IDS/IPS Partner Program Directory Network security algorithms introduction Searching for multiple strings in packet payloads Approximate string matching IP traceback via logging Detecting worms IP traceback via probabilistic marking RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.