WLAN Protection Enhancements
So far we have discussed generic solutions and tools. The following section will review specific tools to correct WEP-related vulnerabilities, as well as other security enhancements that are being considered for future versions of 802.11 networks.
TKIP
The Temporal Key Integrity Protocol (TKIP) is a more recent security feature offered by various vendors to correct the weak WEP problem. It was developed by some of the same researchers who found the weaknesses in how RC4 was implemented. TKIP corrects these weaknesses and more.
This new protocol still uses RC4 as the encryption algorithm, but it removes the weak key problem and forces a new key to be generated every 10,000 packets or 10kb, depending on the source. In addition, it hashes the initialization vector values that are sent as plaintext in the current release of WEP. This means the IVs are now encrypted, and are not as easy to sniff out of the air. Because the first three characters of the secret key are based on the three-character IV, the hashing of this value is a must. Without protecting the IV from casual sniffing attacks, a hacker can turn a 64-bit key (based on 8 characters x 8 bits in a byte) into a 40-bit key (based on 8 - 3 characters x 8 bits in a byte).
Also included in TKIP is a stronger and more secure method of verifying the integrity of the data. Called the Message Integrity Check, this part of TKIP closes a hole that would enable a hacker to inject data into a packet so he can more easily deduce the streaming key used to encrypt the data. You know that if a hacker knows any two of the XOR values, he can calculate the third. Therefore, by injecting known data into a packet and capturing it after it has been encrypted, a hacker can determine the encrypted value and the plaintext value. When values are XORed together, the result is the PRGA streaming key. Once the PRGA for any packet is known, a hacker can reuse it to create his own encrypted packets without ever knowing the secret key. This is possible because the hacker can take the deduced PRGA value and XOR it with his choice of text. The result of this is a properly encrypted packet. He can then simply append the same IV value he pulled from the hacked packet and reapply it to the newly created packet. Thus, a hacker could completely bypass the creation of the KSA, which is the only part of the encryption process that requires the password.
This packet, once received by the access point, will be deciphered by using the appended IV values and the password used by the access point. Then the KSA is created, which is used to create the PRGA value that the hacker used to encrypt his packet. Then the PRGA streaming key is XORed with the encrypted packet, and that information is passed on.
With the new Message Integrity Check, this type of exploit is not possible. By verifying that the packet was not altered, and by dumping any packet that appears to be, the hacker will not be able to easily determine the PRGA. In addition, hashing the IVs creates yet another obstacle to any hacker that somehow deduces the PRGA. The hacker would have to determine the correct value of the hashed IVs, which is probably based on the data in the encrypted packet.
However, and even with all this extra security, TKIP is designed like the current version of WEP. This similarity allows TKIP to be backward-compatible with most hardware devices. This also means consumers merely have to update their firmware or software to bring their WLANs up to par.
Although this new security measure is important, it is only temporary. TKIP is more like a simple band-aid to patch the hemorrhaging artery of WEP security. This is because TKIP still operates under the condition that a hacker only has to crack one "password" to gain access to the WLAN. This is one of the major factors that caused the current release of WEP to be crackable. If WEP included a multifaceted security scheme using stronger encryption and/or multiple means of authentication, a hacker would have to attack the WLAN from several points, thus making WEP cracking much more difficult.
Therefore, if you own WLAN gear, keep a close eye on the vendor patch list to see when the update is released. You might also want to send an email to the vendors' support departments to get your name on an email notification list once they have a patch. If you do not own a WLAN and are looking to purchase one, consider looking for one with this option built into it. The only other option is to wait until the next standardized wireless products are released using the 802.11i standard.
In this tutorial:
- Securing the WLAN
- Access Point-Based Security Measures
- MAC Filtering
- Controlling the Radiation Zone
- Defensive Security Through a DMZ
- Third-Party Security Methods
- VPNs
- Funk Steel-Belted Radius
- Central User Administration
- Central Hardware Administration
- Securing Your Wireless LAN
- RADIUS Accounting
- WLAN Protection Enhancements
- AES