Flaws in Wireless Security Detailed

Computerworld - Las Vegas
A cryptologist who discovered several gaping holes in the international standard governing the design of wireless network devices and the encryption algorithm meant to protect those networks last week detailed vulnerabilities that could be leaving corporate systems open to hackers.
Ian Goldberg, a cryptologist at Montreal-based security and privacy software developer Zero-Knowledge Systems Inc., along with researchers at the University of California, Berkeley, uncovered flaws in the IEEE 802.11 standard. Goldberg published a paper (www.isaac.cs.berkeley.edu/isaac/wep-faq.html) on the findings earlier this year and made one of his first public appearances about it at the annual Black Hat hacker conference here.
Hardware and software vendors use 802.11 to develop wireless Ethernet cards. The Wired Equivalent Privacy (WEP) algorithm is designed to provide the same level of security for wireless devices that a physical network cable can.
"We have demonstrated attacks on WEP that defeat each of the security goals" it was designed to address, including data confidentiality, network- access control and data integrity, said Goldberg, who showed slides demonstrating the mathematical proof that such exploits are possible to an applauding crowd of hackers and security professionals.
"We can read WEP-protected traffic, we can inject traffic onto WEP-protected networks, we can modify WEP-protected data," he said.
Goldberg and other security experts recommended that to counter the threat, all companies should use additional authentication systems, such as virtual private networks or IPSec, before allowing data to cross from a wireless network to an intranet or other corporate system. He said some products will be coming out soon to address these vulnerabilities, but they will be proprietary.
Drive-by Hacking
Hackers can often park their cars in a company's parking lot and simply "become a node" on the firm's wireless network - known as authentication spoofing, said Goldberg. "Unlike physical cables, it's really difficult to control how far radio waves go," he said.
Hackers can travel the entire length of Market Street in San Francisco "and basically not lose 802.11 coverage" while picking up wireless LAN signals in their cars, he said.
Mandy Andress, president of Dublin, Calif.-based ArcSec Technologies Inc., said WEP is particularly vulnerable to hackers in cars. She said there have been cases where hackers have used parabolic dishes to pick up wireless network signals from as far as eight miles away.
One of the most significant problems found in the WEP algorithm includes weaknesses in the way WEP encrypts packets of data using a stream cipher.
Through a series of computations, hackers can eventually uncover the plain text of certain encrypted messages and use those packets to intercept and decrypt messages encrypted with the same key, which is known as an Initialization Vector packet collision.
In addition, many commercial wireless Ethernet cards are vulnerable to hacks stemming from use by all mobile network clients of the same encryption key, said Goldberg.
"Attackers just need to know a single plain-text packet and its corresponding encrypted packet," which can be attained by pinging a company's network or sending spam traffic, Goldberg explained. "It's a correct encryption of the message, so the receiver has no reason to reject it."
That could allow hackers to do things like inject packets of data into financial transactions that contain changed dollar amounts, Goldberg said.
"WEP is assumed to be cracked now," said Chris Rouland, director of the X-Force vulnerability research unit at Internet Security Systems Inc. in Atlanta. "If you watch enough good traffic on a WEP network, you can crack everything in about 12 hours."
Newton, Mass.-based consultancy Cahners In-Stat Group has forecast that the wireless LAN market will reach $2.2 billion by 2004.

Wireless Standards 1 2 Next » Recommend Digg Twitter ShareThis Email Print Send Feedback Reprints Jump to comments Security Additional Resources WHITE PAPER EFD vs. HDD - What You Need to Know Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs. WHITE PAPER Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009 The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players. WHITE PAPER Eight Criteria for Server Load Balancing Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements. White Papers & Webcasts Death to PST Files Download Now   Four Ways to Improve Your TSM Environment with a SEPATON VTL Watch Now The Tangled Web: Silent Threats & Invisible Enemies Download Now   Tape Killed the IT Guy Watch Now Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity Download Now   BRM: What You Can Do To Reduce Risk In Challenging Times Watch this webcast now! What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices Download Now   Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise? In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web". eGuide: Enterprise Security Smart Security Strategies for 2010. Read now!   Disaster Recovery 2008: Reduced Costs and Improved Performance How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this... All White Papers | All Webcasts Computerworld Reports 8 Questions To Ask About Your Intrusion-Security Solution Computerworld Technology Briefing: More than Business Value Computerworld Briefing: Staffing for Intelligence All Computerworld Reports Sign up to receive updates on the latest Security resources IT Jobs See All Jobs Post a job for $295 Go Jobs by SimplyHired   White Papers Death to PST Files Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity eGuide: Enterprise Security SEPATON Architecture: Designed for Data-Intensive Enterprises Getting the Job Done - Comparing Approaches for Desktop Software Control Why Email Must Operate 24/7 and How to Make This Happen US Military Command Prevents Zero Day Attack with Application Whitelisting Tripwire Log Center: Next Generation Log and Event Management Leverage the full power of VMware Get More from Your IT Budget The Tangled Web: Silent Threats & Invisible Enemies What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices Rock-Solid Web Protection for Endpoint Devices Foxwoods, the World's Largest Resort Casino Bets on SEPATON Can Heuristic Technology Help Your Company Fight Viruses? Preventing Data Loss When Migrating to Microsoft 2007 Protecting Against Targeted Cyber Attacks with Application Whitelisting The New Mobile Order Employee Web Use and Misuse Email Archiving: A Business-Critical Application Sponsored Links To get a better view of your entire data center, you need a better vantage point. Improve your vision with Hitachi IT Operations Analyzer - Free 30 day trial To get a better view of your entire data center, you need a better vantage point. Improve your vision with Hitachi IT Operations Analyzer - Free 30 day trial Stop malware without grinding performance to a halt with SonicWALL Cisco Unified Computing System: New Levels of Integration Diskeeper prevents fragmentation to boost speed and efficiency. Try Free! Discover the Four Trends Driving the Future of Data Centers Microsoft & Novell Interop-Ability Case Study: VTI Technologies Realizing Cost Savings Through Infrastructure Modernization Turn your desk phone and mobile phone into one with Sprint Mobile Integration. Stay informed with custom newsletters from Tech Dispenser Looking to add Unix/Linux functionality to Windows? Next-generation firewalls control applications and prevent threats. Not All QSAs Are Created Equal: What You Should Know Before You Buy The arrival of Serial Attached SCSI (SAS) marks a new era in storage scalability The AMD Virtual Experience Virtual Trade Show Introducing: Project Icebreaker Improve your Modular Cooling System Now with Alcatel-Lucent and Save CA ARCserve r12.5 is More Than Backup! Download Trial Version Today Take the Netezza TwinFin TestDrive! Enterprise search helps employees get more done. Get the facts from Google. Let Progress Software help your business make progress. How Novell & Microsoft interoperability pays off for MoneyGram Now let 1000's access reports themselves with SAP Crystal Reports Server Northwestern Computer Information Systems Program Streamline IT Costs. Boost Performance with WAN Optimization Tolly Performance Report  "Citrix NetScaler with nCore Outperforms F5 BIG-IP" Are you gambling with your data? It is at risk. Find out and protect it. Link to www.trustlto.com ITwhitepapers.com - Access thousands of white papers on 300+ technical topics. Leverage Your Cisco infrastructure for Superior Application Performance Learn about the AMD Virtual Experience Save up to 61% plus Free Cheesecake About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard Copyright © 1994 - 2010 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.