Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.

Step on a WEP Crack, Break Your Network's Back

The oldest form of Wi-Fi network encryption, WEP (Wired Equivalent Privacy), is now truly, honestly, deeply dead. Yes, it was dead before, but now it's even more dead. German researchers have shown that they can crack a WEP key in one to two minutes of network sniffing and analysis; prior to this, WEP required at least 15 minutes of capturing data from an active network.

If you're still using WEP on your Wi-Fi network and believe that it provides any real security (rather than just erecting a No Trespassing sign), let me see if I can convert you to WPA (Wi-Fi Protected Access).

WEP Cracking Background -- WEP protects the local wireless link, the connection from a computer or other device to a base station. WEP was released in 1999 as part of the first high-speed wireless networking specs - 802.11a and 802.11b - as a first layer of defense against those who might want to peek into what's passing over your network. The name says it all: Wired Equivalent Privacy, or the level of privacy you would expect from an Ethernet network where someone would need to gain physical access to plug into your wired network.

Starting in 2001, researchers discovered big flaws in the algorithms that make up WEP. While the specifics are highly technical, research revealed that several choices in WEP's design made it easy for a cracker to sit passively by, capture packets, and, through statistical analysis, recover the key that encrypted the data. While fixes to the most egregious problems with WEP kept it limping along, its days were numbered.

By 2003, any moderately sophisticated user could use free and simple software to crack a network's WEP key by observing about 15 to 30 minutes of active network traffic. (Both the 40-bit and 104-bit versions of WEP were equally vulnerable, with the latter taking only twice as long to break.)

I had heard since 2003 that there were tools not in wide distribution that enabled WEP key cracking in just a few minutes. Because those tools were only rumored, WEP maintained a tiny amount of integrity. For instance, one corporate method of using WEP relies on individual login accounts to a Wi-Fi network, each of which receives a unique WEP key, and that WEP key changes as frequently as every five minutes. I'd hear colleagues defend WEP by noting that someone would have to linger near their house for some time to break their key.

Researchers at the Technische Universität Darmstadt have now torn away that last shred of respectability for WEP. Three Darmstadt researchers in the cryptographic and computer algebra group developed and released a method of cracking WEP in as few as 40,000 packets, taking just under a minute to capture and analyze the data. That yields a WEP key 50 percent of the time. Double the packets captured, and the score hits 95 percent.

Their method couples efficient cracking with a tool that forces a WEP-protected network to produce data, even when no computers on the network are actively transmitting and receiving.

Use WPA, Really -- Wi-Fi Protected Access (available as WPA and WPA2) was designed to replace WEP, although it's still easy to find WEP in use. WPA, announced in November 2003 by industry trade group The Wi-Fi Alliance, was an interim release of new security measures then in development as 802.11i by the IEEE, the engineering standards group responsible for all the 802.11 flavors.

WPA had two goals: making sure that 802.11b devices released as far back as 1999 would be upgradable to a baseline level of security and ensuring that the same security method would work with 802.11g, which started shipping late in 2002 and appeared from Apple in early 2003.

WPA's TKIP (Temporal Key Integrity Protocol) works much like a WEP key - it was designed to have all the same basic characteristics - but plugs all of WEP's holes and repairs flaws that hadn't yet been exploited. WPA2, a 2004 update based on the final 802.11i standard, also supports TKIP and adds a stronger key type among other improvements; WPA2 only works on Wi-Fi gear released since late 2002. All Wi-Fi equipment tested for Wi-Fi certification since early 2006 must support WPA2.
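As an added example that is not code from the article, here is a small Python audit helper that reports what a base station advertises (open, WEP, WPA with TKIP, or WPA2 with CCMP) from the body of an 802.11 beacon frame, so an administrator can inventory which networks still run WEP. The beacon bodies are constructed by hand, and the element layouts assumed are the standard RSN (tag 48) and vendor-specific WPA (tag 221, OUI 00:50:F2) ones.

```python
import struct

RSN_TAG, VENDOR_TAG = 48, 221      # RSN element (WPA2); vendor element (WPA1 uses OUI 00:50:F2 type 1)
PRIVACY_BIT = 1 << 4               # capability-info "Privacy" bit: some encryption is on
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}  # cipher-suite type numbers

def iter_elements(body):
    """Yield (tag, data) for each tagged element after the 12 fixed beacon bytes."""
    pos = 12
    while pos + 2 <= len(body):
        tag, length = body[pos], body[pos + 1]
        yield tag, body[pos + 2:pos + 2 + length]
        pos += 2 + length

def pairwise_ciphers(data, oui):
    """Pairwise cipher names from an RSN/WPA body: version(2) group(4) count(2) suites(4 each)."""
    count = struct.unpack_from("<H", data, 6)[0]
    suites = [data[8 + 4 * i:12 + 4 * i] for i in range(count)]
    return [CIPHERS.get(s[3], "unknown") for s in suites if s[:3] == oui]

def classify(body):
    """Return 'open', 'WEP', or the WPA/WPA2 modes advertised, e.g. 'WPA(TKIP)/WPA2(CCMP)'."""
    caps = struct.unpack_from("<H", body, 10)[0]
    if not caps & PRIVACY_BIT:
        return "open"
    modes = []
    for tag, data in iter_elements(body):
        if tag == RSN_TAG:
            modes.append("WPA2(%s)" % "+".join(pairwise_ciphers(data, b"\x00\x0f\xac")))
        elif tag == VENDOR_TAG and data[:4] == b"\x00\x50\xf2\x01":
            modes.append("WPA(%s)" % "+".join(pairwise_ciphers(data[4:], b"\x00\x50\xf2")))
    return "/".join(modes) if modes else "WEP"   # Privacy bit but no RSN/WPA element: legacy WEP

def beacon(caps, elements):
    """Build a constructed beacon body: timestamp(8) interval(2) capability(2) + elements."""
    body = bytes(8) + struct.pack("<HH", 100, caps)
    for tag, data in elements:
        body += bytes([tag, len(data)]) + data
    return body

# Constructed sample frames (not captured traffic). 0x0011 = ESS + Privacy, 0x0001 = ESS only.
SSID = (0, b"TidBITS")
RSN_CCMP = (b"\x01\x00" + b"\x00\x0f\xac\x04" + b"\x01\x00" + b"\x00\x0f\xac\x04"
            + b"\x01\x00" + b"\x00\x0f\xac\x02" + b"\x00\x00")           # PSK auth, CCMP
WPA_TKIP = (b"\x00\x50\xf2\x01" + b"\x01\x00" + b"\x00\x50\xf2\x02" + b"\x01\x00"
            + b"\x00\x50\xf2\x02" + b"\x01\x00" + b"\x00\x50\xf2\x02")   # PSK auth, TKIP
OPEN_BEACON = beacon(0x0001, [SSID])
WEP_BEACON = beacon(0x0011, [SSID])
WPA_BEACON = beacon(0x0011, [SSID, (VENDOR_TAG, WPA_TKIP)])
MIXED_BEACON = beacon(0x0011, [SSID, (VENDOR_TAG, WPA_TKIP), (RSN_TAG, RSN_CCMP)])
```

A base station running in a WPA/WPA2 compatibility mode advertises both elements, which is why the mixed frame reports both modes.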

While WPA should be the minimum level of security available on new devices, I still often find that the first release of a piece of Wi-Fi-enabled hardware, like Kodak's first EasyShare-One Wi-Fi camera or the MusicGremlin, has only WEP support; WPA/WPA2 support tends to take weeks or months to appear. And WEP is apparently in wide use in retail where old point-of-sale and payment systems that otherwise work just fine can't be upgraded cheaply; a corporate-security firm just released a tool to fool statistical WEP cracking tools into analyzing lots of bad packets to help protect these older retail systems. The Darmstadt researchers noted in one interview about their project that this bad-packet method could defeat their approach.

Wireless Security and the Mac -- Mac users have used WEP for a long time because Apple has such a long history with 802.11 specs and Wi-Fi. Apple built WEP into the very first 802.11b AirPort card and base station. And WEP is still an option for use with the latest AirPort Extreme Base Station that supports the 802.11n high-throughput protocol.

However, Apple has also supported each release of WPA and WPA2 through revisions to Mac OS X and firmware releases for its hardware. The original AirPort Card (1999-2004) can be upgraded in Mac OS X 10.3 to WPA; the original 802.11b series of AirPort base stations can't be upgraded past WEP. All AirPort Extreme and Express gear can handle WPA and WPA2 in Mac OS X 10.3.3 or later; see Apple's firmware and AirPort Software download page for more details.

The 802.11n standard, supported by certain newer Macs and the new AirPort Extreme Base Station, allows only WPA2 security. However, the new AirPort Extreme Base Station provides backwards compatibility for WPA with TKIP and for WEP. (In testing, the WEP compatibility mode, called WEP Transitional, doesn't seem to work reliably in allowing WEP-based connections.)

The moral of the story is that WEP is now even more of a joke than before - anything that can be broken in one minute simply doesn't count as a security measure. It could still be considered a "No Trespassing" sign - the fact that even an easily broken password is necessary to access a wireless network makes it clear that visitors are unwelcome.

But since WPA is widely supported, and since WPA2 is required if you want to connect via 802.11n from an enabled computer to Apple's new AirPort Extreme Base Station, there's almost no reason not to dump WEP in favor of WPA. If you're using that base station with an Apple TV, you really do want 802.11n's faster throughput for better speed in synchronization and streaming.

If you're intimidated by all the technical aspects of security, you can find a more in-depth discussion about your risks in "Evaluating Wireless Security Needs: The Three L's" (2004-04-05) or in "Take Control of Your Wi-Fi Security," which I wrote with Adam Engst.

For networks that involve a new 802.11n-capable AirPort Extreme Base Station, you can learn more about configuration, security, and mixing old and new networks in my just-released book, "Take Control of Your 802.11n AirPort Extreme Network."
