Experts crack 802.11 protocol

Scientists at Houston-based Rice University have published a paper on wireless security, concluding that the 802.11 Wireless Encryption Protocol (WEP), which most wireless users currently rely on for security, is "totally insecure".

Adam Stubblefield, John Ioannidis and Aviel Rubin, along with AT&T Labs, this week published a paper on how they used the Fluhrer, Mantin and Shamir attack to break 802.11's WEP at its highest level of 128-bit.

Using only off-the-shelf hardware and software, the researchers claim that the attack was completely passive and undetectable. They used the methodology applied by fellow scientists Fluhrer, Mantin and Shamir, detailed in a paper last month. vnunet.com also explained a similar idea last month.

"With our implementation we were able to recover the 128-bit secret key used in a production network with a passive attack," said the group. The basis of the attack is that the RC4 keystream cipher is implemented improperly, and the attack exploits this design failure. Wireless cards using the 802.11 protocol reset their keystreams every time they are initialised, and then increment them by one for every use.

"This results in a high likelihood that keystreams will be reused, leading to simple cryptanalytic attacks against the cipher, and decryption of message traffic," explained the group. It means that the encryption keys can be predicted.

The team was able to successfully implement the attack in several hours, claiming to have "demonstrated the ultimate break of WEP, which is the recovery of the secret key by observation of traffic".

"Given this attack, we believe that 802.11 networks should be viewed as insecure," the group continued. "We recommend the following for people using such wireless networks: assume that the link layer offers no security; use higher-level security mechanisms such as IPsec and SSH for security instead of relying on WEP; treat all systems that are connected via 802.11 as external.

"Place all access points outside the firewall; assume that anyone within physical range can communicate on the network as a valid user; keep in mind that an adversary may utilise a sophisticated antenna with much longer range than found on a typical 802.11 PC card."

The researchers concluded that it is difficult to get security right. Flaws at every level, including protocol design, implementation and deployment, can render a system completely vulnerable. Once a flawed system is popular enough to become a target, it is usually only a short time before the system is defeated in the field.