Sophos Cloud Optix
Stefan Viehböck, an independent security researcher, published a paper on Boxing Day titled “Brute forcing Wi-Fi Protected Setup” to his WordPress blog disclosing a weakness in the configuration of most consumer/SoHo Wi-Fi routers.
As we all know the state of security for most home Wi-Fi networks was nearly non-existent only a few years ago.
This prompted the Wi-Fi Alliance to establish a new simple method for consumers to enable and configure WPA2 on their routers without knowledge of encryption, keys or how it all works.
The standard is called Wi-Fi Protected Setup (WPS) and is enabled by default on nearly all consumer Wi-Fi access points, including those sold by Cisco/Linksys, Netgear, Belkin, Buffalo, D-Link and Netgear.
It has three methods of simplifying the connection of wireless devices to WPA2 protected access points:
- Push Button Connect (PBC) requires the user to push a button on the router which allows it to communicate with a client needing configuration. The client attempts to connect and the router simply sends it the security configuration required to communicate.
- Client PIN mode is where the client device supports WPS and has a PIN assigned by the manufacturer. You then login to the router’s management interface and enter the PIN to authorize that client to obtain the encryption configuration.
- Router PIN mode allows a client to connect by entering a secret PIN from a label on the router, or from its management interface which authorizes the client to obtain the security configuration details.
The first method requires physical access, while the second requires administrative access, both of these pass muster. The third however, can be accomplished only through the use of the Wi-Fi radio.
The PIN used for authentication is only eight digits which would give the appearance of 108 (100,000,000) possibilities. It turns out the last digit is just a checksum, which takes us down to 107 (10,000,000) combinations.
Worse yet the protocol is designed so that the first half and second half are sent separately and the protocol will confirm if only one half is correct.
So you have now reduced the difficulty of brute forcing the PIN down to 104 (10,000) plus 103 (1,000) or 11,000 possibilities.
Some of the routers Viehböck tested did seem to implement a mechanism to slow down the brute forcing, but the worst case scenario allowed him to acquire the keys within 44 hours.
Compared with attempting to attack WPA2-PSK directly, this is a cheap and effective attack.
As the sub-title of Viehböck’s paper states “When poor design meets poor implementation” security is the loser.
If you own a reasonably modern Wi-Fi router you are at risk (unless you have installed some sort of alternative firmware like OpenWRT or Tomato Router).
If possible disable the WPS support on your router and contact your manufacturer for updated firmware which may provide a fix or mitigation against this attack.
Another researcher independently discovered the same issue and has published a tool called Reaver that implements this attack.
Similar to the Firesheep tool, this will likely light a fire under the butts of the Wi-Fi Alliance and manufacturers to quickly resolve these issues.
This is for WPS only though right? If we have our set up on WPA we are still okay because they require our password to access our network, correct?
Yes, it is only the quick setup WPS that creates a problem. Users who do not have WPS enabled and are using the good old fashioned WPA/WPA2-PSK are not impacted.
Although when you say “WPA” I hope you mean “WPA2”. If you use “WPA” (or “WPA+WPA2”) you leave yourself open to the vulnerabilities that exist in WPA.
That is correct Jeremy. WPA is still adequate for many people as it is significantly more difficult to attack then WEP, but your advice of WPA2 is the best option available to most people.
If you can choose WPA2, do it. If you can disable WPS, do it.
Most times it’s better to set it up yourself. If you don’t either read the manual that came with wireless router, or have someone who knows to set it up for you. I see some wireless networks close to my home without security enabled, which can be used to perform illegal online activities. I have a Clearwire personal hotspot and I never use the defaults. I changed the SSID to something less obvious and I enabled WPA2 with encryption with a long and complex password. By not using the defaults, you can make your wireless network more secure.
It says "If possible disable the WPS support on your router …", is that saying change my configuration from "WPA2 Personal AES" to "none"? Somehow that doesn't seem like a good idea. At least right now I have encryption that is protecting it for up to 44 hours. I am using a Mi-Fi, which is slightly different, and it is not on unless I turn it on. I think this applies more directly to those who are running a normal wireless router and leave it on at all times, which is a bad idea anyhow. I would never leave anything connected to the network 24/7 unless it was on a secured LAN with WAN access. I am going to have to do some more research on this.
Sounds like someone should have done a little more testing before releasing the WPS. I work in the IT field and work a lot with wireless systems, every single one of the routers listed, as they are the most common sold. How long have they known about this? Will they already have a solution developed? Why in the world would they set it up to only check half of the PIN? That's just stupid to begin with. Sounds like I am going to have a lot of work to do.
WPA2-PSK (pre-shared key) with AES is what you want for WiFi traffic encryption. You set your own PSK, and that's what a user needs to connect to your network. Don't change that!
WPS is an _adjunct_ to WPA for users who (for reasons I can't quite fathom) can't get the hang of typing in a password you give them.
And that's where the problem lies. WPS PIN mode (see above) is dodgy, so don't use it. How to prevent your router from offering WPS support, though, itsn't clear (see below).
On my ZTE MT-60 NextG WiFi "soap bar" (from Telstra in Australia), there isn't an option to turn off WPS entirely, and the help file skips over the WPS configuration screen completely. There's just a choice of PIN mode or PBC (push-button) mode. So I've set mine to PBC, which means that WPS does nothing _unless I press the button labelled WPS_ on the device. No PIN-based override. So if I never press the button, I should be OK…
(Don't quote me on this – but use it as a starting point for your own checking…)
Some hints for fellow OpenWRT users: a default installation of OpenWRT includes the software package "wpad-mini'. This is a stripped-down version of the WPA daemon, and is all that most home users need. It supports WPA2-PSK. That's where you type a key of your own choice into the router, and a matching key into your PC.
It does _not_ support WPS, which is the dumbed-down configuration add-on for WPA2 which Chester refers to above. For WPS to work at all, you need at least the "wpad" package and the "hostapd-utils" package.
Check the System-Software tab in the LuCI GUI. AFAIK, if you have "wpad-mini" installed, and neither "wpad" nor any of the "hostapd*" packages, you don't have WPS support and you couldn't enable it even if you wanted to…which is good!
PS. If you still have the WiFi firmware which came with your router, you'll probably need to contact your vendor to find out more. There are just too many routers from too many vendors with too many versions of too many firmware distros for Naked Security to give advice any more specific than Chester gives above, namely: "If possible disable the WPS support on your router and contact your manufacturer for updated firmware which may provide a fix or mitigation against this attack."
don’t understand how going from security that can possibly be hacked in a 44 hour period to no security can ever be a good idea. having said that, does this mean even though i have set my own passcode it can easily be hacked? even with 24 characters? i just tried it with the first 12 characters and it would not give me access. in fact i am sure it laughed at me.
In no way am I suggesting you disable the security on your router. WPS is simply a "easy" way to configure your passphrase on new devices you want to connect to your Wi-Fi. Disabling WPS simply requires you to enter your passphrase when connecting a new device instead of entering in the PIN code from your routers serial number sticker.
Do not disable WPA or WPA2 security, they are fine. It is only the simple setup option that creates a vulnerability.
@FUG25u: No, WPS and WPA2 are two different things. WPA2 is a security protocol, while WPS is a simply new way for those who are not familiar with WiFi setup to connect their wireless devices to a router easily. You can still use (and you should) WPA2 regardless you have WPS enabled or not.
Here’s some info you might want to read-up regarding the difference between WPA/WPA2 and WPS: http://en.wikipedia.org/wiki/Wi-Fi_Protected_Acce… (WPA/WPA2) http://en.wikipedia.org/wiki/Wi-Fi_Protected_Setu… (WPS)
If any of this made sense I'd know what you were talking about. WPA-Personal. WPA MODE AUTO(WPA/WPA2)
THEN I HAVE A PRE SHARED KEY. Am I safe? If not please explain in simple steps what to do.
Thanks in advance. 🙂
Please read the article again, and the comments above.
WPA is a mechanism for authentication and secrecy for WiFi traffic. If you use WPA-PSK (PSK = "pre-shared key", which is fancy talk for "password"), then you set a password on your router. Anyone wanting to connect to your WiFi needs to know and enter this password.
WPS is an additional "quick-start" mechanism for simplifying and automating the process of sharing the WPA-PSK password. (As I said above, quite why simply "typing it in on your PC" is considered too hard, I cannot understand.)
Like many things which try to simplify something complex by adding another layer of complexity, it turns out that WPS has problems.
Moral of story. Use WPA. Don't use WPS.
If you don't know how to turn off WPS on your router, try your router vendor's tech support. If you can't get any tech support for your router, try buying another router from a vendor who will support you. (Or try using using a firmware upgrade, like OpenWRT, for which you can get support.)
Disable all security and do not broadcast your SSID then use MAC address filtering and only allow the devices that you own to access your network. this eliminates any restrictions in speed caused by the encryption and (I think) is the most secure. You will however need to have a wired computer to set this up and maintain if something goes wrong so go buy a ethernet cable that reaches your computer or a laptop.
I understand what you are trying to accomplish here Joe, but it is a very bad idea.
Whenever your computer is communicating over Wi-Fi the SSID is visible to anyone within listening distance of the radio, regardless of whether it is set to "broadcast" or "beacon" or not.
Not using encryption means anyone within range of your access point has access to all of your communications and could even perform simple man-in-the-middle attacks against anything you may be using over Wi-Fi.
Encryption utilized in Wi-Fi has no impact on network performance and is mostly handled by the hardware in your wireless devices. There is no perceptible performance advantage to disabling encryption.
While MAC filtering seems like a good start, most often it simply creates hassles for connecting new devices, while ultimately not providing any real security. All of your traffic contains your MAC address in the clear and can be easily usurped by someone who wants to access your network.
See here for why what you are doing is a terribly bad idea: http://nakedsecurity.sophos.com/2009/11/09/sun-sa…
SSID hiding and MAC filtering provide safety (so people can't connect by mistake), but _no security_.
The slowest part of WiFi is the actual radio communications part, not the encryption. That means the encryption is "free" in performance terms.
WPA is a password protection system for your WiFi. How it works is you enter a password on your router, like "thisismywifikeepout". When your friends want to connect, their PC asks for a password. They ask you, you tell them what it is (if you want) and they type it in.
WPS is a password bypass system for people who are too lazy to type in a long password. How it works is your friend looks on the bottom of your router where there is an 8-digit PIN printed. 8 digits is much easier to type than 20 characters, so lazy people can do it easily, and they don't need to ask you first. They type in the 8 digits and the router then secretly tells their PC what the 20-character password is supposed to be.
Presumably the sort of comitte which would consider this a good idea is also be the sort of comitte which would mess up the system even further so the 8-digit PIN is really only 6 digits long.
So the answer is yes I'm safe because a password is required. That's all you needed to say.
If WPS is disabled. Check your web interface on your router for "Wi-Fi Protected Setup" or WPS and choose to disable it if there is an option for that. You don't need to touch any settings related to encryption like WPA or WPA2.
I use Mac filter paired with wep code that i entered myself. Is that good security for a simple household ?
WEP encryption can be cracked in a matter of a couple minutes using modern CPUs and known cryptographic weaknesses in the implementation of the WEP protocol.
You should switch your encryption settings to WPA2-PSK if your router supports it, or at a minimum of WPA-PSK if it doesn't.
MAC filtering may seem more secure, but it is often just an inconvenience. Personally I would choose a nice, strong WPA2 passphrase and consider myself done.
After looking at my Linksys WRT54G WiFi router, I see it has a feature called 'Secure Easy Setup' (under 'Wireless' > 'Advanced Wireless Settings').
Does this relate directly to any of your article's reference to three WPA2 methods: PBC, Client PIN or Router PIN?
FYI – My router's 'Secure Easy Setup' feature is currently 'Enable'd in the router f/w, even though (under 'Wireless' > 'Wireless Security') I have manually configured Security Mode: 'WPA Personal', WPA Algorithms: 'AES', WPA Shared Key: (a custom 58 character alpha-numeric Key I made up myself [58 characters seems to be the practical maximum size, even though the maximum WPA Shared Key size is stated as 63 characters by Linksys / Cisco]).
Good article … I am finding the Sophos Naked Security daily e-mails very helpful in staying abreast of current online threats. Thank you.
Yes, I do believe "Secure Easy Setup" is simply another name for WPS. If you can disable that, you will not be vulnerable to this attack.
Based on reading several other blogs regarding the WPS hack, a number of people have confirmed that changing the setting on any Linksys router from SecureEasySetup to Manual does not disable WPS. It’s unfortunate, but it appears to be true. For myself, I have installed Tomato firmware on all of my Linksys routers. It was a relatively easy process and I feel considerable more secure.
I notice that Apple is not on your list of manufacturers with this problem. I pulled up tech specs and owners manuals for half a dozen of their routers (Airport Extreme, Airport Express, and Time Capsule) and none list anything for WPS, and my own Time Capsule and Airport Express both lack any WPS button.
Perhaps this is yet another reason Apple routers are worth the money (along with a wireless backup drive for Time Machine, a shared USB cable, and wireless access to remote speakers via AirTunes).
May the following application: Private WIFI (it runs on OpenVPN) avoid a router attack?
Thank you.
Maximum PC stated this attack works even with WPS turned off.
Sorry, I meant to say arstechnica.
Linksys WRT54-GL with Tomato or DDWRT is invulnerable to this. Tested on all my 5 routers in the family. And i think is invulnerable with stock firmware too. I own this router model since forever and i love it more every day.
I have a customer that uses wifi cameras to monitor patients overnight and on weekends. They have to move the cameras around a lot, which means reconnecting them. They don't have a computer on the same subnet, so the ONLY way for them to set up the cameras is WPS.
I'm just saying that WPS isn't always just a "lazy" way to connect. There are deployments that are predicated on WPS.
BTW I am trying to convince this operation to get an admin terminal on the subnet to connect and control the cameras. Of course the only blockage is the unwillingness to spend money when the current system "just plain works," and quite easily at that. (everybody can push buttons and watch blinking lights)
I don’t see any security risks with the push button method. If any attacker has physical access to my router, WLAN access should be my least problem. Otherwise I need to offer anyone (who needs access to my router), a clear readable piece of paper (weather physical or virtual) where my PSK (like yKD|^lc4y(7*G$QMKA@mk[q4Ze%Q!>KP_qo6bE[p_mAxaJ3s’ldgT0(+Mi}=) is written on. This seems to be a much higher security risk.