Tuesday, July 16, 2013

Three Reasons Why WEP Still Matters


In information security, we often spend a significant amount of time focusing on the latest vulnerabilities and attacks. Our drive to find new things to worry about is often fed by a subject we prefer to avoid: old security issues. The fact that so many "old" security problems are still relevant is often a source of professional chagrin. However painful it may be, it is important to periodically revisit long-standing issues that still hound us. If we are going to make progress and meaningfully grapple with contemporary challenges, then we have to truly learn from the failures of the past. WEP represents one security failure that we can't afford to forget.

Brief History of WEP
WEP, or Wired Equivalent Privacy, is a WiFi security algorithm that was bundled into the original 802.11 standard back in "ancient times" (1999) and developed by a group of IEEE volunteers. The aim of WEP was to give wireless transmissions (a shared medium) confidentiality comparable to that of wired, switched connections. Almost immediately after WEP's introduction, serious security flaws were uncovered, along with increasingly sophisticated methods for exploiting these weaknesses. However, the final death blow for WEP should have come in 2007, when researchers in Germany demonstrated methods which allowed recovery of WEP keys in record time ("Gone In 60 Seconds").

The fact that WEP is irrevocably broken is of course only a small part of the story. For many years now, the battle to eradicate WEP has raged on and been fought on many fronts. One primary front has been education -- if you've taken any security or networking courses, you've certainly had it drilled into you by your instructors that WEP is bad (if they didn't explain exactly why, then check out the video at the bottom of this post). Another major effort to outlaw WEP was made via compliance -- PCI-DSS v1.2 (introduced in 2008) explicitly prohibited the use of WEP in merchant cardholder environments. The latest major push is being made through equipment phase-out -- the WiFi Alliance announced in 2010 that WiFi certified equipment should deprecate all WEP functionality by this year (2013).

Even with all the effort spent to make WEP a bad memory of the past, the sad truth is that WEP remains a very important issue for three reasons:

Reason #1. WEP Isn't Dead (Legacy Tech Zombies On)
The sad truth is that WEP is still very much alive. Evidence to this point can be found on WIGLE, a site where individuals submit both the location and properties of wireless networks from around the world. At the close of 2012, WIGLE statistics showed that WEP-encrypted access points still made up ~18.8% of all wireless networks observed to date. So, 1 in 5 wireless networks globally may still be using a fundamentally flawed encryption solution (see the stats below).
[Chart: Legacy Tech Doesn't Die Easily. Source: WIGLE Wireless Stats]
It is astounding to consider that nearly 20% of all wireless access points are susceptible to easily performed attacks (and of course 25% of those observed by "WIGLErs" employed no crypto at all).

We know of course that both people and businesses often don't upgrade or reconfigure technology that continues to function, even when cognizant of the risks (e.g., the TJ Maxx breach). For this reason, WEP remains a "live" vulnerability in a very real sense. More fundamentally, however, the "long life" of flawed or outdated security methods should give us all reason for pause (SSL + CAs, anyone?).
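The practical counterpart to the WIGLE numbers is checking your own airspace. The following is an added example (not code from the original post) that parses a scan in the terse output style of `nmcli -t -f SSID,BSSID,SECURITY dev wifi`, where fields are colon-separated and colons inside the BSSID are escaped as `\:`, and flags any WEP or open network for remediation; the sample scan lines are constructed.

```python
from collections import Counter
from dataclasses import dataclass

# Constructed sample in the style of `nmcli -t -f SSID,BSSID,SECURITY dev wifi`:
# terse mode, ':'-separated fields, literal colons in the BSSID escaped as '\:'.
# An empty SECURITY field means an open (unencrypted) network.
SAMPLE_SCAN = """\
CorpNet:00\\:11\\:22\\:33\\:44\\:55:WPA2
Warehouse-Scanner:00\\:11\\:22\\:33\\:44\\:66:WEP
Guest:00\\:11\\:22\\:33\\:44\\:77:
OldPrinter:00\\:11\\:22\\:33\\:44\\:88:WEP
Lab:00\\:11\\:22\\:33\\:44\\:99:WPA1 WPA2
"""

@dataclass
class Network:
    ssid: str
    bssid: str
    security: str

def split_terse(line: str) -> list:
    """Split one terse line on unescaped ':' and unescape '\\:' in fields."""
    fields, cur, i = [], [], 0
    while i < len(line):
        if line[i] == "\\" and i + 1 < len(line):   # escaped character
            cur.append(line[i + 1])
            i += 2
            continue
        if line[i] == ":":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(line[i])
        i += 1
    fields.append("".join(cur))
    return fields

def classify(security: str) -> str:
    """Bucket the SECURITY column: OPEN, WEP (legacy, broken) or WPA."""
    if not security.strip():
        return "OPEN"
    return "WEP" if "WEP" in security.split() else "WPA"

def audit(scan_text: str):
    """Return (counts per bucket, networks that need remediation)."""
    nets = [Network(*split_terse(l)) for l in scan_text.splitlines() if l.strip()]
    counts = Counter(classify(n.security) for n in nets)
    flagged = [n for n in nets if classify(n.security) != "WPA"]
    return counts, flagged
```

Calling `audit(SAMPLE_SCAN)` on the constructed sample returns two WEP and one open network out of five, the same kind of ratio the WIGLE chart reports at global scale.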


Reason #2. WEP Reminds Us That Security Review Is Essential 
While we often talk about the flaws in WEP in terms of misuse of cryptographic primitives, we rarely talk about the core issue that led to them. It is held by many that the real root cause of WEP's flaws was the lack of peer review (especially by cryptographers), which allowed the IEEE engineers to get so far down the road without spotting significant design flaws.

The lack of effective security review remains a major issue that shows up over and over again. One illustrative example of this, which delights some and pains others, is the history of failures of DRM technologies that were incubated in relative isolation (e.g., the defeat of AACS). In all cases of major system design, if security issues are missed early in the design stage, then the cost of addressing them downstream through retroactive engineering is often so high that companies don't even bother.

On the IT end of this issue, when is the last time you heard a vendor tell you not to worry about the security of their product because "it's encrypted"? The lesson of WEP should also have taught us that even if vendors do use strong encryption algorithms, implementation flaws in other areas (e.g., the PRNG, key management, etc.) can seriously cripple or invalidate the security of the whole system. For this reason, the response to "it's encrypted" needs to be a number of questions that few actually ever ask. One of these questions should be: how exactly does the company approach solution/code review to prevent missing serious issues? The integration of security code review (particularly by third parties) into software design processes can yield highly cost-effective identification and remediation of security issues early in the project pipeline. However, many companies still do not have mature development processes that reduce the risk of myopic omissions via effective independent security testing and review.


Reason #3. Hacking WEP Should Be Basic Skill For IS Pros
Ever had to introduce yourself at a party and explain what you do for a living? If you said something about "information security" or the like, you might have gotten a response like "oh, so you break into computers for a living".

Even if your IS-related job has nothing to do with breaking into computers for a living, I'd suggest that you still develop and maintain the ability to demonstrate the impact of ignoring common security flaws. The adage holds true that seeing is believing, but sadly many IS professionals lack the training to demonstrate even simple hacks. One of the reasons that WEP is still alive is that there are no doubt still many misguided souls who believe that WEP is "secure enough". This statement most often reveals a lack of understanding of how trivial it is to defeat most WEP implementations, or a false assumption that no one would bother attacking their WLAN. Dislodging these viewpoints is often easily done by demonstrating (with permission, of course) how easy it really is to slice through bad security.

If you've never cracked WEP before, the Aircrack-ng simple WEP cracking tutorial is a great place to start. Also, check out the video below on structural weaknesses in the WEP protocol to understand how these attacks work under the hood.

Ideas?/Further Reading
What are some other "old security" problems that are still with us and worthy of attention?  I'd love to hear your thoughts.

Unsafe At Any Key Size by Dr. Jesse Walker (seminal paper on WEP weaknesses)
