While the growth of 802.11b wireless networking has been explosive, problems
with the security of transmitted data have plagued the technology almost since
its conception. Still, in spite of its drawbacks, 802.11b has some compelling
reasons for its deployment, both by the consumer and in the enterprise. Those
reasons include its low cost, its ease of deployment and the tremendous convenience
that wireless networking offers.
As anyone who remembers the old party line telephone system knows, sometimes a
lack of good privacy can be lived with. Risk in general is discussed, as well
as basic ways to mitigate it. While Wireless Fidelity's (Wi-Fi)
main security algorithm, Wireless Encryption Protocol or WEP as it is commonly
referred to, remains relatively easy to crack, it is still better than nothing.
This and other countermeasures are discussed, from basic residential wireless
setups to more advanced approaches the enterprise might consider for deploying
wireless for transmission of important corporate data.
While data security, confidentiality, integrity and user or access point authorization
have left much to be desired in Wi-Fi's past, the future of Wi-Fi seems,
at least at present, to be brighter. Perhaps the main reason for this has been
Wi-Fi's tremendous growth, which makes many of IT's main players
want to see it succeed. WPA, 802.1X and other technologies have the support of
such industry giants as Microsoft and Cisco.
So while secure wireless computing is still not a reality, it is a technology
that merits close watch by the enterprise.
Wireless Fidelity’s (Wi-Fi) Past, Present and
802.11b wireless networking is experiencing tremendous growth. Every indication
is that it will be around in one form or another for quite some time. Its
growth is due to a couple of things, and the main reasons are the same for both
the consumer and the enterprise: Wi-Fi, as it is commonly called, is inexpensive,
especially when compared to traditional Ethernet networking, and it is convenient.
To appreciate what the cost savings are, consider an older commercial building
made of concrete and steel. Think of the expense a company moving in would
incur to run fiber cabling through the many stories and walls into
a data closet. When you consider those contractors drilling through the rebar-reinforced
walls you start to get an idea of the savings I am talking about.
Now imagine a company's engineers holding an ad hoc design meeting. With
traditional networking this meeting had to be more formalized. Now the design
engineer can walk over to the project manager with his laptop and show him the
idea with full network support and resources. He can transfer the files ad hoc
to the project manager's desktop instantly. No network admin called or needed.
This is a taste of the convenience factor mentioned earlier.
With all of this going for it, Wi-Fi has yet to prove itself in the area that
is of most concern to CFOs and CEOs, and that is the area
of information security. If the industry doesn't work together to address
these concerns, Wi-Fi may be doomed. But there is hope on the horizon and the
economic reward of having a good solution is in all the major IT players'
The Growth of Wi-Fi
Almost everyone has heard of Wi-Fi. To many it seems the one ray of hope in
an industry mired in gloom and doom due to a stagnant economy.
In fact, “According to new findings from IDC, shipments of desktops,
notebooks, and servers will rise 8.3 percent in 2003 to 147.5 million units,
then rise 11 percent to 163.8 million units in 2004. This growth is being driven
by many factors, one of which is the proliferation of 802.11b. Shipments will
likely reach 136.2 million units for 2002, a 1.6 percent increase over 2001,
IDC said. Last year marked one of the worst years in the history of the PC industry,
with shipments shrinking 4.2 percent worldwide and 11.4 percent in the United
States” (Wi-Fi Growth Expected, December 2002).
In another article: “So-called Wi-Fi hotspots, or areas where public
wireless access is available, increased by 327 percent in the European market,
from 269 locations at the end of 2001 to around 1,150 locations at the end of
2002, IDC said in its latest report” (Oliva, Erwin Lemuel, Tues. Feb 11).
Indeed, the growth is such that Cisco recently acquired LinkSys, a leading
supplier of consumer Wi-Fi network equipment.
History of Wi-Fi Insecurity
In spite of this tremendous growth, Wi-Fi has been plagued throughout its
existence with the question of its security. One writer for ZDNET, David
Berlind, on October 2, 2001 recommended that no wired networks be deployed without
a special need, and recommended that the enterprise deploy Wi-Fi networks in
their employees' homes to allow seamless movement of employees'
laptops between office and home. While he acknowledged that compromises were
possible, he implied that the attacks were too difficult to be any real threat.
Some of the early responses to his article painted a different picture. While
many were happy with their experience deploying a wireless network, his first
responder, Craig Ellison, pointed out the security problems with Wi-Fi and chided
him for recommending it. One reader almost immediately lost data and
had to rebuild his system due to unauthorized access to his machine through
the Wi-Fi connection. (Berlind, David, Oct 2)
One month earlier, in the September 2001 PC Magazine, Craig Ellison wrote “Exploiting
and Protecting 802.11b Wireless Networks”. In it he detailed using a laptop,
a wireless card and a 14 dB Yagi antenna to identify 61 open network connections
within 6 blocks of PC Magazine's Manhattan offices. Using NetStumbler, a shareware
program, he enumerated information about each network, including the interesting
fact that only 21% of the networks had WEP enabled. Expanding his search he
found 808 wireless networks with only 38% WEP enabled. (Ellison, Craig, September 2001)
Problems with Wi-Fi security had been noted earlier. Borisov, Wagner and Goldberg
reported that passive eavesdropping could determine plaintext from messages.
They also detailed how Wi-Fi equipment could be easily modified to perform passive
eavesdropping. (Nikita Borisov, Ian Goldberg and David Wagner, January 2001)
On March 30, 2001 researchers at the University of Maryland detailed the insecurity
of the shared key authentication method. This paper also detailed that most
Wi-Fi cards' software allows the user to change the 48-bit MAC address. This invalidates
Access Control List security, since the MAC addresses are transmitted in clear
text, allowing eavesdroppers to intercept them. (William Arbaugh, Narendar Shankar
and Justin Wan, 30 MAR 2001) In May 2001, Arbaugh designed a plaintext attack
which recovered an RC4 encryption stream one bit at a time using trial and error.
(Arbaugh, William, May 2001)
But the most devastating article appeared in August 2001, from SecurityFocus.
Fluhrer, Mantin and Shamir discovered how to recover the secret key from the
first few bits of several thousand messages. (Scott Fluhrer, Itsik Mantin and
Adi Shamir, August 2001, SecurityFocus.com)
In August a group from Rice University developed software that enabled them
to recover the 128-bit WEP key for a WLAN. (Adam Stubblefield, John Ioannidis
and Aviel Rubin, August 6) The same month AirSnort and WEPCrack were released,
using the Fluhrer, Mantin and Shamir weakness.
Even earlier, in October 2000, Jesse Walker from Intel published an article entitled
“Unsafe at Any Key Size; an Analysis of WEP Encapsulation”, which
states in the abstract: “It is still repeatedly suggested, asserted or
assumed that WEP could meet its goal [of data privacy] by migrating from
40-bit to 104- or 128-bit RC4 keys instead. This report seeks to dispel this
notion once and for all…WEP encapsulation remains insecure whether the
key bit is 1- or 1000- or any size whatsoever and the same remains true when
any other stream cipher replaces RC4. The weakness stems from WEP's usage
of its initialization vector.” (Walker, Jesse, 25 OCT 2000)
The Basic Problems with Wi-Fi Security
WEP relies on a shared key between communicating computers to provide data privacy.
Encryption of a data frame follows these steps:
First, a checksum is computed on the plaintext message to ensure data integrity.
This is appended to the plaintext to produce the input to the second step.
In the next step, encryption, the output described above is encrypted using
RC4. RC4 generates a keystream from an initialization vector and the key.
The keystream is exclusive-OR'ed with the plaintext from above to obtain
the cipher text.
XORing, or exclusive-ORing, is a form of digital addition in which two rows of
binary digits are compared position by position: the third row holds a 1 wherever
the two bits differ and a 0 wherever they are the same.
Finally this cipher text is transmitted over the radio link to the receiving
The stated goals of WEP are really threefold:
- Confidentiality, which ensures that the messages are not susceptible to eavesdropping.
- Access Control, which prevents unauthorized use of the Wi-Fi network infrastructure.
- Data Integrity, which ensures that the message is received as intended.
All three of these functions depend on the key not being susceptible to brute
force attack. The original standard incorporated a 40-bit key, which was acceptable
under government regulation at that time. Manufacturers extended this to an advertised
128-bit key, which is really a 104-bit key.
While even the 40-bit key would be difficult to brute force, there are shortcuts
that render WEP security useless.
A well known weakness of stream ciphers is that encrypting two messages under
the same key and initialization vector can reveal information about both messages.
In other words, XORing the two ciphertexts will cancel out the keystream, and the
result will be the XOR of the two plaintext messages.
Thus keystream reuse can lead to several types of attacks. For example, if the
plaintext of one of the messages above is known, the other message becomes immediately
apparent. But most of the time real world communication has enough redundancy
to recover the plaintext messages even if only the XOR sum is known. Deciphering
the plaintext becomes easier as the number of messages increases, and many known
solutions to such a problem exist, such as frequency analysis and cribs.
For this type of attack to succeed the keystream has to be reused and some plaintext
has to be known or discovered.
To prevent these attacks WEP uses an initialization vector on a per-packet
basis. Each packet uses the same key, but the initialization vector is varied
with each packet; therefore the keystream is different for each packet. The
initialization vector is included in each packet unencrypted and is available
to both the cracker and the intended recipient, but since the key is secret,
the keystream remains unknown to the cracker.
The WEP standard recommends that the initialization vector be changed after
the transmission of each packet. Many PCMCIA cards implement this by resetting
the initialization vector to zero when the card is powered on and incrementing
the initialization vector by one after each transmitted packet. Consequently
keystreams corresponding to low valued initialization vectors are likely to
be reused many times during the life of a key value.
Worse, because the initialization vector is limited to 24 bits in width, there
is almost a guarantee that the same keystream will be reused during a communications
session. This lack of variety in keystream generation is a fundamental and
fatal flaw in the WEP design; it is impossible to avoid. Since many fields
of IP traffic are predictable, finding known text becomes less of a challenge.
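The encapsulation steps described above and the keystream-reuse flaw of the last few paragraphs, worked through as an added example (not code from the paper): a minimal WEP encrypt/decrypt with an RC4 keystream and a CRC-32 integrity check value, the cancellation of the keystream when two frames share an IV and key, and the birthday bound on IV repeats in the 24-bit IV space. The key, IV and two messages are constructed sample values.

```python
import math
import struct
import zlib

def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4: key-scheduling (KSA) followed by the output generator (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings; the result is as long as the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Step 1: CRC-32 integrity check value (ICV) appended to the plaintext.
    Step 2: RC4 keystream seeded with IV || key, XORed over plaintext || ICV.
    The 3-byte IV travels in the clear ahead of the ciphertext."""
    icv = struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)
    body = plaintext + icv
    return iv + xor_bytes(body, rc4_keystream(iv + key, len(body)))

def wep_decrypt(key: bytes, frame: bytes):
    """Undo the steps; return None when the recomputed ICV does not match."""
    iv, cipher = frame[:3], frame[3:]
    body = xor_bytes(cipher, rc4_keystream(iv + key, len(cipher)))
    plaintext, icv = body[:-4], body[-4:]
    if struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF) != icv:
        return None
    return plaintext

def recover_from_reuse(frame_a: bytes, frame_b: bytes, known_a: bytes) -> bytes:
    """Two frames under one key and one IV share a keystream, so
    C_a XOR C_b = P_a XOR P_b: the keystream cancels. With P_a known
    (predictable protocol headers, say), P_b falls out with no key at all.
    Returns as many bytes of P_b as bytes of P_a are known."""
    if frame_a[:3] != frame_b[:3]:
        raise ValueError("different IVs: keystreams differ, nothing cancels")
    pa_xor_pb = xor_bytes(frame_a[3:], frame_b[3:])
    return xor_bytes(pa_xor_pb, known_a)

def iv_collision_probability(packets: int, iv_bits: int = 24) -> float:
    """Birthday bound on at least one IV repeat among `packets` frames whose
    IVs are drawn at random from a 2**iv_bits space. (Cards that count up
    from zero after a power cycle make reuse of the low IVs a certainty.)"""
    space = 2 ** iv_bits
    return 1.0 - math.exp(-packets * (packets - 1) / (2.0 * space))

KEY = bytes.fromhex("0102030405")        # constructed 40-bit WEP key
IV = b"\x00\x00\x01"                     # low IV, as a counter reset to zero would emit
P_A = b"GET /index.html HTTP/1.0"        # constructed: predictable protocol text
P_B = b"Design review at 3pm Fri"        # constructed: the message being recovered

def demo() -> bytes:
    """Encrypt both messages under the same IV and recover P_B from P_A alone."""
    frame_a = wep_encrypt(KEY, IV, P_A)
    frame_b = wep_encrypt(KEY, IV, P_B)
    return recover_from_reuse(frame_a, frame_b, P_A)
```

With 5,000 randomly chosen IVs the collision probability is already above one half, which is why the per-session reuse the text describes is effectively guaranteed.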
Another challenge to WEP security is the problem of key distribution. The distribution
of the secret key, upon which so much of the illusion of Wi-Fi security rests,
relies on the external distribution of four secret keys. Each frame contains a
key identifier field which specifies which key to use. The specification also
allows for an array which specifies a key for each mobile station; however this
implementation is not widely supported. In reality most implementations use
a single key for an entire network.
Obviously, the more this secret key is out on the network and known by users,
the less the likelihood of it remaining secret. While some network managers
might try to get around this problem by configuring the key themselves, the
reality is that the key will be present on the user's machine and therefore
accessible to the user.
The reuse of secret keys also makes the reuse of the keystream much more likely.
So to review, most wireless implementations of 802.11b are used without any
security at all, and even when there are security measures taken, Wi-Fi networks
are completely insecure to serious hackers. (Moluf, Allen, March 06)
Why 802.11b Still Even Exists
I think it is safe to say that where high level data security is needed, reliance
on WEP for security should be eliminated. That is to say, medical information
and important corporate data should NOT be transmitted over wireless networks
that rely on WEP for security.
It is reminiscent of the lack of security in the old implementation of the
multiparty lines by the American Telephone and Telegraph Corporation. Before
each telephone user had a private line, at one time multiple households or parties
shared the same line. The different users were alerted by different rings. One
user might have a long ring, another two shorter rings. At one time everyone
shared one line. Did that mean that everyone’s conversation was subject
to being overheard? Yes. Did that mean that many people wanted to totally forgo
The answer is no. People accepted the risk of being overheard, and were perhaps
more careful with what they said. The possibility of being overheard still exists,
especially on cellular phones, but this has not apparently diminished the popularity
of this means of communication. Because of its convenience, there is still a
place for cellular communication.
The same is true of Wi-Fi networking. Secure data transmission is not its market.
Recalling the risk formula in its most basic form:
Risk = Odds of a successful attack × Value of the resource compromised.
So let’s assume the odds of a successful attack are quite high. By keeping
the value of the Resource jeopardized low, Wi-Fi still makes sense for some
applications. I use Wi-Fi on my home network and I will attest to the fact that
it makes sharing resources among my laptop, my wife’s laptop and my teenaged
daughter’s laptop much easier. My 8 year old has a game desktop for her
educational games and everyone shares a laser printer and an Epson Color printer
for color printing. One cable modem services the entire 3200 square foot house
and everyone uses a 160 Gig Maxtor drive for backup.
I am quite happy to have the ease of backup feature on my Wi-Fi network. I
was recently Ghosting an image of a VMware combination OS setup when I had
a power surge toast my registry. Booting with the Last Known Good Configuration option
resulted in a blue screen. But, luckily for me, I had sent the My Documents
folder to the Wi-Fi shared backup disk and had lost no data. Hours of configuration
settings were gone, as was the System Restore feature. But, my important school
work, and hundreds of megs of digital image files of family pictures, were intact.
So while we in the Info Sec world have ruled out the idea of using Wi-Fi networking
for important data, we are left with an ease of use factor that cannot be ignored.
Like technology itself, I find few people willing to forgo its use simply because
of the problems it engenders. So in the next section, I will go over the steps
to be taken to make the wireless network more secure for non-critical data.
Configuring a Wi-Fi Network
As we have established, no Wi-Fi network that relies on WEP is completely
secure. But just because no door or lock will stop a determined enough thief,
that is not a good reason to leave your doors wide open.
With that in mind, the order in which to secure a Wi-Fi network, in my opinion,
is the following:
- Turn the access point off if it is not in use. No cracker can crack a well
secured wireless network that is not broadcasting.
- Locate your access points away from outside walls. Again, if a cracker
can’t get the signal he can’t exploit your network.
- Turn off SSID Broadcasting. This ensures that the access point doesn’t
include the SSID(service set identifier) in the beacon frames that are sent
out many times per second. This disables automatic configuration of the user’s
radio NIC. As a result, an intruder will have to find out the SSID by more
difficult means. But when someone is booting up and an eavesdropper is using
AirMagnet or AiroPeek, he can sniff out the SSID as the user associates with
an access point.
- Utilize static IP addresses. By default, most wireless LANs use DHCP.
The problem is that DHCP doesn't distinguish between the legitimate
user and the cracker. This aids the cracker in establishing a connection to
the access point and becoming a node on the network. Of course, some could
use an 802.11 packet analyzer and learn what IP addresses are in use, but
if the IP address is already on the network, he won't be able to reliably
use network services. The use of static IP addresses becomes very much an
administration nightmare on larger networks, so this tip is only practical
for small networks.
- Use WEP encryption. For all its many weaknesses it is still better than nothing.
Here again, by turning it on, it will likely make the cracker look for an easier
- Use shared key authentication. Most wireless LANs allow the use of this feature,
which helps prevent rogue radio NICs from gaining access to the network.
When the authentication process occurs, the access point sends the radio NIC
a string of challenge text. The radio NIC must encrypt the challenge text with
its WEP key and send the encrypted version to the access point. After decrypting
the encrypted text with the common key, the access point can determine whether
or not the radio NIC has the correct key.
- Install and activate personal firewalls. Without this
protection, someone can easily copy or erase your files. Use of ACLs
on encrypted file folders offers some protection as well. This applies to wired
networks as well as wireless ones.
More advanced steps to protect your wireless network include:
- Set up a Virtual Private Network (VPN). Virtual private networking requires
the use of third party encryption like triple DES that protects all data transmission
on the LAN. This is usually implemented by having the users install
wireless VPN client software on their radio NIC, which communicates securely with
the access point. This solution can be difficult to implement and costly to
deploy and maintain, but it offers security for both wired and wireless networks.
- Use mutual authentication mechanisms. By using a RADIUS server (Remote Authentication
Dial-in User Service), the 802.1X protocol and access controllers you can deploy
robust mutual authentication between users and access points. This protects
against man in the middle attacks and rogue access points and nodes. Most enterprise
grade wireless routers by companies like Cisco support these additional features.
This is combined with an authentication mechanism like EAP-TLS (Extensible Authentication
Protocol, Transport Layer Security). This, with the implementation of encrypted
user names or digital certificates, allows strong authentication to occur.
802.1X also provides for dynamic distribution of encryption keys to
wireless LAN devices, which solves one of the fundamental problems with the
current implementation of 802.11 WEP.
- Place access points outside the enterprise firewalls. Allow legitimate users
to access resources based on MAC addresses. Remember that you have important critical
data protected with Access Control Lists and encryption as well.
So while 802.11b remains insecure for the time being, there are several ways
to incorporate some of the features of this network without risking enterprise
data. It is worth bearing in mind that the most robust solutions effectively
eliminate the compelling reason for Wi-Fi’s existence, which is ease of
use. Still wireless has some other secondary features which make it an attractive
solution for certain enterprise functions. (Geier, J, June 20)
The Future of Wireless
Wi-Fi Protected Access, or WPA, is currently supported by Windows XP and, through
firmware upgrades, by many consumer products, including products by LinkSys and D-Link.
According to the Wi-Fi Alliance: “Wi-Fi Protected Access had several design
goals, i.e., be a strong, interoperable, security replacement for WEP, be software
upgradeable to existing Wi-Fi CERTIFIED products, be applicable to both home
and large enterprise users and be available immediately.” (Grim, C Brian, 10/31/02)
Accordingly, WPA was designed to provide data confidentiality, which is weak
in WEP, and to provide strong authentication, which is largely absent in WEP.
Encryption in WPA is addressed with TKIP, or Temporal Key Integrity Protocol.
This enhances data encryption by using a message integrity check named Michael,
an extended initialization vector with sequencing rules, a re-keying mechanism
and a per-packet key mixing function.
Additionally, WPA uses 802.1X and EAP for authentication. WPA supports mutual
authentication. This prevents the wireless user from connecting to an ad hoc
rogue server that might obtain the user's network credentials and passwords.
The next generation of wireless networking will include the features listed
above and goes by the IEEE name of 802.11i. This specification also includes
Secure IBSS, secure fast handoff, secure de-authentication and disassociation,
as well as enhanced encryption protocols such as AES-CCMP. The IEEE 802.11i
specification is expected to be published at the end of 2003. (Overview Of The
WPA Wireless Security Update In Windows XP, 6/10/03)
So while the past of Wi-Fi has been plagued with security problems, the economics
are such that many players in the IT market want to see the insecure WEP replaced
with something more robust. While nothing in the future is certain, it seems
a given that Wi-Fi will overcome its adolescent growing pains and mature into
a reasonably secure and easy to deploy method of networking.
- (6/10/03). Overview of the WPA Wireless Security Update in Windows XP.
Abstract retrieved June 20, 2003, from http://support.microsoft.com/kbid=815485
- (December 2002). Wi-Fi Growth Expected. MobileInfo.com, 2002(46). Abstract
retrieved July 3, 2003, from http://www.mobileinfo.com/News_2002/Issue46/WiFioutlook.htm
- Adam Stubblefield, John Ioannidis and Aviel D. Rubin. (August 6, 2001).
Using the Fluhrer, Mantin and Shamir Attack to Break WEP. Abstract retrieved
July 3, 2003, from http://www.cs.rice.edu/~astubble/wep/wep_attack.html
- Arbaugh, William, Narendar Shankar and Y. C. Justin Wan. (30 MAR 2001).
Your 802.11 Network has no Clothes. Abstract retrieved July 3, 2003, from
- Arbaugh, William. (May 2001). An Inductive Chosen Plaintext Attack Against
WEP/WEP2. Abstract retrieved July 3, 2003, from http://www.cs.umd.edu/~waa/attack/frame.htm
- Berlind, David. (Oct 2, 2001). Look Ma No Wires! ZD.net. Abstract retrieved
July 3, 2003, from http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2815991,00.html
- Ellison, Craig. (September 4, 2001). Exploiting and Protecting 802.11b Wireless
Networks. PC Magazine. Abstract retrieved July 3, 2003, from http://www.extremetech.com/print_article/0,3428,a=13880,00.asp
- Geier, Jim. (June 20, 2003). Guarding Against WLAN Security Threats. 802.11-Planet.com.
Abstract retrieved July 3, 2003, from http://www.80211-planet.com/tutorials/artticle.php/1462031
- Grim, C Brian. (10/31/02). Overview Wi-Fi Protected Access. Wi-Fi Alliance.
Abstract retrieved July 3, 2003.
- Moluf, Allen. (March 06, 2002). Perils and Fixes for 802.11 WLANs in SOHOs.
Sans.org. Abstract retrieved July 3, 2003, from http://www.sans.org
- Nikita Borisov, Ian Goldberg and David Wagner. (January 2001). The Intercepting
Mobile Communications. Abstract retrieved July 3, 2003, from http://www.isaac.cs.berkeley.edu/isaac/wep-draft.html
- Oliva, Erwin Lemuel G. (Tues. Feb 11, 2003). Wireless tech deregulation
helps growth of WiFi: report. inq7.net. Abstract retrieved July 3, 2003, from
- Scott Fluhrer, Itsik Mantin and Adi Shamir. (August 2001). Weaknesses in
the Key Scheduling Algorithm of RC4. Abstract retrieved July 3, 2003, from
- Walker, Jesse. (25 OCT 2000). Unsafe at any key size; an analysis of WEP
encapsulation. Abstract retrieved July 3, 2003, from http://grouper.ieee.org/groups/802/11/Documents/DocumentHolder/0-362.zip