WPA Security Tips

By Aaron Weiss

March 27, 2008

While WPA with PSK is more secure than WEP, it is not infallible. Learn how you can use it to its fullest advantage to protect your Wi-Fi network.

Wireless networking might not rank up there with flying cars, but it's still plenty cool and very useful. (Plus, it actually exists.) But wireless data can be exposed to interception, and although we have encryption protocols intended to prevent security breaches, they are not always 100% effective.

With access to your wireless network, a hacker could intercept sensitive information, such as e-mail messages, or even access shared files. More commonly, a hacker might not want your personal data, but to abuse your network access. She or he could use your Internet service to engage in criminal activities, such as sharing illegal content or sending spam.

The original WEP protocol designed to protect 802.11b/g networks did not remain secure for very long. Flaws in its design allowed snoopers to extract the keys needed to unlock it from the airborne packet stream. In 2005, some 200 million credit card numbers were stolen from TJX, parent company of clothing store Marshalls, by compromising their WEP-encrypted wireless network using Wi-Fi gear sniffing packets from outside a store location. WEP hacking tools have matured to the point where even novice hackers can compromise WEP networks in a few clicks and a few minutes. It is no surprise that WEP is no longer recommended for securing wireless networks.

Replacing WEP in 802.11b/g/n networks is WPA, or Wi-Fi Protected Access. The conventional wisdom about WPA is that, unlike WEP, it is not vulnerable to hackers. But this is only partially true. Under certain, often common, conditions, it is, in fact, possible to compromise WPA- or WPA2-encrypted wireless networks. Simply choosing WPA instead of WEP and assuming that all is well is not enough, and could give you a dangerously false sense of confidence. Armed with the right knowledge, though, you can defend yourself against WPA hacks.

The weakness in WPA

Most WPA users authenticate their network passphrase using the protocol PSK, or pre-shared key. The alternative, which is to run an 802.1X authentication server, is a complication usually reserved for enterprise deployments.

Unlike the vulnerability in WEP, WPA is sophisticated enough that hackers cannot simply extract the PSK from intercepted packets. When a wireless client authenticates with an access point using WPA, it performs an initial handshake, or exchange of packets establishing their relationship. It is possible to intercept and capture these handshake packets using the right combination of hardware and software. When the handshake from successful authentication is captured, a hacker can use data from this handshake to perform offline efforts to unmask the passphrase against a dictionary of possibilities.

Put another way, the hacker can take away this handshake and—without maintaining a connection to the access point—apply it against a large dictionary using a known algorithm, until the WPA passphrase is unlocked.

A so-called “brute force” attack like this can take a long time to process, from hours to days, and it may never find a successful match depending on the WPA passphrase and the thoroughness of the dictionary being used, which is why your best defense is to choose a passphrase that cannot be found in a dictionary.

How hackers hack

Using a readily-available suite of command-line tools that can be employed to execute stages of the WPA hacking procedure in Linux or Windows, hackers can collect information about your wireless network and attempt to unlock your WPA passphrase.

Fortunately, hackers face a few obstacles in their quest. For starters, to use the required command-line tools successfully, they need to be using a supported wireless card with drivers that have been patched to support "packet injection"—the ability for the card to insert packets into an established data stream. Since many major wireless cards are supported, including models commonly found in laptop computers like the Intel 2100/3945 and most Atheros chipsets, this is only a minor hurdle to overcome.

With the right tool, hackers can put their wireless card into "monitor mode," which means it "sees" all available wireless network traffic, rather than only the packets intended for it. Of course, for a hacker to successfully monitor your wireless network, he or she needs to be within close enough physical range to both send and receive packets. Usually this will mean within a couple hundred feet from your access point, but hackers can use advanced equipment to target sites from distances as far as two or three times that. Wireless sniffing tools make it easy to identify which access points are broadcasting within "earshot" and what security protocol is in effect. Once the hacker has pulled the unique MAC identifier for the target access point, he or she will see whether any other wireless clients are associated with this AP, and then pull their MAC addresses.

The hacker's goal is to capture the handshake packets from a client successfully authenticating itself against the target AP. If there are no clients associated with the AP, there is nothing they can do but wait until someone does.

If there are clients associated with the AP, it can be assumed that they know the correct passphrase. But because they are already authenticated, it is too late to capture their handshake packets. Skillful hackers have a tool, however, that can allow them to fake deauthentication packets on behalf of the client—in other words, it will kick the client off its connection. When the client re-authenticates with the AP, which in most cases occurs automatically, the hacker can capture the precious handshake packets.

With the handshake in hand, so to speak, the hacker no longer needs to interact with the target network at all—all he or she needs is the command-line tool and a dictionary containing hundreds of thousands of words and typical password combinations, plus time and patience.

Dictionary defense

WPA security all boils down to the complexity of your passphrase. For a hacker to unlock the WPA passphrase, that passphrase needs to be contained in whichever dictionary he or she is using. Obviously, a hacker's chance of success improves the larger and more thorough the dictionary.

Because hackers' dictionaries are composed mostly of words and simple combinations, the chances that your WPA PSK can be hacked increase depending on how likely it is to be found in a dictionary, even a very large one.

Tempting though it is to choose a passphrase you can easily remember, like the name of your pet or street, doing so is likely to produce a PSK found in a good dictionary. Your two best defenses against a WPA attack are randomness and length.

The passphrase below is bad and can probably be revealed by the WPA hack combined with a decent dictionary, perhaps even in a matter of minutes:

myoffice

The maximum size of a WPA passphrase is 63 characters. The characters below, for example, would make a very secure PSK:

"{7kIfie]Q^:J<>xqbhB[pa3WdsmM!@|aP_#>4Fj6x%@,N5|dqFJaP@C@ne}jDL

Using the known WPA attack, a hacker might have to run his or her cracking tool for hundreds of years to reveal this PSK. He or she will probably be too bored to care by then, not to mention very old.

To generate truly random, well-mixed passphrases, you can choose one of several software tools to generate your own secure WPA PSKs.

Unfortunately, this type of PSK is very difficult to remember and can be inconvenient on a network with a lot of new clients; security and convenience do not always go hand in hand.

If your wireless network frequently hosts new guests, practicality might dictate using a passphrase that is easier to handle. When choosing a passphrase shorter than maximum length, remember to prioritize non-dictionary words, plus a mixture of case, numbers, and symbols:

myOffice8000!, while shorter than optimum length, would take much longer for a hacker to reveal than simply myoffice. An even better passphrase would use nonsense words like “nonnabonnaronna,” for example.
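To make the "known algorithm" of the handshake attack and the passphrase advice above concrete, here is an added example (not from the original article or any tool it mentions). It derives the 256-bit PSK the way 802.11i specifies (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations), generates a random maximum-length passphrase, and scores the article's own sample passphrases against a small constructed word list; the 20-character threshold and the word list are this example's assumptions, not WPA rules.

```python
import hashlib
import math
import secrets
import string

# Printable ASCII (0x20-0x7E) is the character set WPA allows in a passphrase.
PSK_CHARS = "".join(chr(c) for c in range(0x20, 0x7F))

# Constructed stand-in for a cracking dictionary; real ones hold hundreds of
# thousands of entries, this one only needs to catch the article's examples.
SAMPLE_DICTIONARY = {"myoffice", "password", "letmein", "fluffy", "mainstreet"}


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Passphrase -> 256-bit PSK (PMK) as 802.11i defines it.

    Each offline guess costs 4096 HMAC-SHA1 rounds, so the only thing that
    decides whether an attacker's dictionary run ever succeeds is whether
    the passphrase is in it: length and randomness are the defence.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("ascii"), 4096, 32)


def generate_psk(length: int = 63) -> str:
    """Random passphrase from the full printable set, using the OS CSPRNG."""
    if not 8 <= length <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return "".join(secrets.choice(PSK_CHARS) for _ in range(length))


def entropy_bits(passphrase: str) -> float:
    """Upper-bound entropy: log2(pool) per char, pool = classes actually used."""
    pool = 0
    for cls in (string.ascii_lowercase, string.ascii_uppercase,
                string.digits, string.punctuation + " "):
        if any(c in cls for c in passphrase):
            pool += len(cls)
    return len(passphrase) * math.log2(pool) if pool else 0.0


def assess_psk(passphrase: str, dictionary=SAMPLE_DICTIONARY) -> dict:
    """Checks a defender wants before keying a network with this passphrase."""
    problems = []
    if not 8 <= len(passphrase) <= 63:
        problems.append("length must be 8-63 characters")
    if any(c not in PSK_CHARS for c in passphrase):
        problems.append("only printable ASCII is allowed")
    # Stripping digits/symbols also catches "word + 8000 + !" style mangling.
    core = passphrase.lower().strip(string.digits + string.punctuation)
    if passphrase.lower() in dictionary or core in dictionary:
        problems.append("based on a dictionary word")
    if len(passphrase) < 20:  # example threshold, not a WPA rule
        problems.append("shorter than 20 characters; guessable if word-like")
    return {"entropy_bits": round(entropy_bits(passphrase), 1), "problems": problems}
```

Running `assess_psk` on "myoffice", "myOffice8000!" and "nonnabonnaronna" shows why the article ranks them as it does: the first two still reduce to a word-list entry, only the nonsense word escapes the dictionary, and a `generate_psk()` output passes every check.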

In many cases, frustrating a potential hacker is sufficient for them to move on to another, easier target, much like the value of using The Club on your car’s steering wheel.

Loose lips sink ships

Of course, you want to be careful when communicating your WPA passphrase with other people. It doesn’t do much good to create a secure passphrase if it is easily intercepted. One approach is to share the password in “chunks.” For example, rather than send a colleague a message that your network password is “myOffice8000!,” send it descriptively, “myoffice with a capital O plus 8000 plus an exclamation point, without spaces.” Alternatively, some people prefer to store or send sensitive passwords in pieces, such as “myOffice”, “8000”, “!”, in three separate notes or messages, with a separate note about combining them.

Whether or not to change your passphrase periodically depends largely on how many clients know it. If your network’s passphrase is on many mobile machines, the chances increase that it can fall into the wrong hands, in which case it makes more sense to roll out a new password on a schedule of your choosing. In a fixed network without many clients coming and going, you should focus on choosing a single long and very secure passphrase.

Aaron Weiss is a regular contributor to Wi-FiPlanet and our resident Wi-Fi Guru. If you have a Wi-Fi question for Aaron to address in his monthly column, click on his name above and write "Wi-Fi Guru" in the subject line. To learn more about securing your network, read "Protect Yourself from Online Fraud," "A Tale of Two Passwords," or many other articles in our Tutorials section.
