'New' WPA Security Breach Discussed During Ratification Process

The flaw is not newly discovered but rather was discussed during the ratification process, according to the paper's author, Robert Moskowitz, senior technical director for ICSA Labs. Network equipment vendors could easily solve the problem, but they have provided no assistance, he said in an interview Friday.

"Vendors have, in the large part, let the user community down," Moskowitz said. He was part of the IEEE's ratification process and voted for the standard.

Moskowitz said in his paper that hackers can successfully launch offline dictionary attacks against short pre-shared keys (PSKs), which are passphrases used for WPA. He stressed that such attacks can't succeed when longer passphrases are used. He also noted that enterprises that use RADIUS back-ends for security are not at risk.

In an interview, Moskowitz stressed that this security flaw was well known and was discussed during the ratification process for the standard. The standard itself notes the problem and states that passphrases with 20 or more characters are likely to be immune to the attacks.

"We discussed this in one meeting and somebody even posted the dialog of the meeting online and named names," he said. He added that the problem isn't with the standard, but rather the security tools and other help Wi-Fi equipment vendors provide.

"Vendors should say, 'You can use PSKs, and let us help you choose good ones,'" Moskowitz said in the interview.

The tools are needed because passphrases of 20 characters "are more than most people will ever use." Vendor-supplied tools are needed to create random numeric passphrases, Moskowitz said.

"If you have a random number that's even 80-bits long and convert it to a hex value or alphanumeric and use that as your passphrase, it won't be in a dictionary," Moskowitz said in the interview. "If vendors would supply just a little tool that generates a random number, you're protected against an outsider finding the PSK."
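A sketch of the kind of "little tool" Moskowitz describes, added here as an example and not taken from his paper or from any vendor: it draws at least 80 bits from the operating system's CSPRNG and encodes them as hex or alphanumeric text. The function name `generate_psk`, the 80-bit floor and the 8 to 63 character passphrase limits are assumptions of this example.

```python
import math
import secrets
import string

# Assumptions of this example: WPA passphrases are 8-63 printable ASCII
# characters, and 80 bits (the figure quoted in the article) is the floor.
WPA_MIN_LEN, WPA_MAX_LEN = 8, 63
MIN_BITS = 80
ALPHANUM = string.ascii_letters + string.digits  # 62 symbols, ~5.95 bits each


def generate_psk(bits=MIN_BITS, encoding="hex"):
    """Return a random passphrase carrying at least `bits` bits of entropy."""
    if bits < MIN_BITS:
        raise ValueError(f"refusing to generate fewer than {MIN_BITS} bits")

    if encoding == "hex":
        # Each byte becomes two hex characters; 80 bits -> 20 characters.
        passphrase = secrets.token_hex(math.ceil(bits / 8))
    elif encoding == "alnum":
        # Enough uniformly chosen symbols to reach the requested entropy;
        # 80 bits -> 14 characters (about 83 bits).
        length = math.ceil(bits / math.log2(len(ALPHANUM)))
        passphrase = "".join(secrets.choice(ALPHANUM) for _ in range(length))
    else:
        raise ValueError("encoding must be 'hex' or 'alnum'")

    # Reject results that would not fit in a passphrase field.
    if not WPA_MIN_LEN <= len(passphrase) <= WPA_MAX_LEN:
        raise ValueError("result does not fit the 8-63 character limit")
    return passphrase


if __name__ == "__main__":
    print("hex:  ", generate_psk())
    print("alnum:", generate_psk(128, "alnum"))
```

The `secrets` module is used instead of `random` because the passphrase must be unpredictable, not merely well distributed.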

Most larger enterprises use RADIUS back-ends for security because the PSK process is impractical in larger environments, he noted. Rather, he said the PSK process was aimed at smaller enterprises and private users. However, enterprises that are simply trying out WLAN equipment may not connect this equipment to the broader security infrastructure and, as a result, are open to attack.

In his paper, Moskowitz noted that the problem comes from attacks both from within and outside the network. Of the two, an attack from inside the network has fewer barriers, he said.

The initial exchange of PSKs is not particularly private, Moskowitz pointed out, and that makes it easy for anybody passively sniffing the wireless network to pick up key exchange data frames and subject them to the dictionary attack.

An initial draft of the paper is posted at Wi-Fi Networking News. Moskowitz said a final draft should be available for distribution in the next several days.

This story courtesy of TechWeb.