
If you haven't abandoned the use of Wired Equivalent Privacy (WEP)
on your company's
wireless LAN yet, there's no time like the present. It has
been known for years that WEP can be broken as easily as a
terrorism suspect stuck in a room with Jack Bauer, but a new
paper by a trio of German researchers shows that compromising
the widely used protocol is now completely trivial.
The paper, "Breaking 104 bit WEP in
less than 60 seconds," demonstrates a technique through which
an attacker can recover the WEP key by capturing just 40,000
frames. This is an improvement of about an order of magnitude over
previously known attacks, the authors say. Indeed, the biggest
challenge attackers faced in recovering a WEP key was the amount of
time it took to capture the number of packets needed. This new
technique is perfectly tailored for the attackers of the ADD
generation: The number of frames needed can be obtained in less
than a minute.
Security experts for years have been advising enterprises, as
well as home users, to switch from WEP to Wi-Fi Protected Access 2
(WPA2), also known as 802.11i. WPA2 is a far stronger and more
versatile encryption scheme and is supported by default in
virtually all of the wireless access points on the market. In
practice, it's not much more difficult to implement than WEP, but
for whatever reason, many organizations have been reluctant to move
to WPA2. Maybe it's simply inertia or a reluctance to mess with a
configuration that's working, but sometime soon, those of you who
are still holding out will need to make the switch.
It's important not to underestimate the role that WEP played in
making users aware of the security challenges inherent in deploying
a wireless network. As Wi-Fi use began to explode in the late 1990s
and early part of this decade, almost no thought was given to
securing these networks. Users loved the freedom of being able to
work in airports, coffee shops and bookstores and most of them
wouldn't know an encryption algorithm from a venti latte, nor did
they care. Many administrators figured that the security measures
they had in place on their wired networks could be adapted to
protect wireless LANs, but that turned out not to be the case. Soon
enough the newspapers and trade journals were full of reports of
hackers driving around downtown areas, sniffing Wi-Fi traffic,
reading unsuspecting users' emails and launching DoS attacks. And,
as surely as night follows day, a crop of wireless security vendors
mushroomed up to capitalize on this new market.
The solution to these problems, some experts said, was
comparatively simple: enabling WEP. Security experts knew as early
as 2000 that WEP had problems that could allow a determined
attacker to recover a user's key, but they also knew that it was
better than nothing and would at least provide some baseline
protection. Users and enterprises listened, and WEP quickly gained
wide acceptance. Just as quickly, researchers began publishing
papers pointing out the inherent flaws in WEP and advocating for
more stringent security measures. Bill Arbaugh, Narendar Shankar
and Y.C. Justin Wan wrote a seminal paper in 2001 that laid bare
WEP's insecurity and showed how easily attackers could exploit it.
The public discussion of the problems and the search for
solutions ultimately resulted in the development of WPA2 and also
had the effect of raising the level of awareness about other
dangers facing wireless LAN users. We now see public hotspots
advertising their use of WPA2 and using security as a selling
point. That would have been unimaginable a few years ago when
access was all, and security was not even an afterthought. RIP
WEP.