
Wi-Fi WPA2 Vulnerability Found

BobB-nw sends along news based on yet another press release in advance of the Black Hat conference: a claimed vulnerability in WPA2 Enterprise that leaves traffic open to a malicious insider. "...wireless security researchers say they have uncovered a vulnerability in the WPA2 security protocol, which is the strongest form of Wi-Fi encryption and authentication currently standardized and available. Malicious insiders can exploit the vulnerability, named 'Hole 196' by the researcher who discovered it at wireless security company AirTight Networks. The moniker refers to the page of the IEEE 802.11 Standard (Revision, 2007) on which the vulnerability is buried. Hole 196 lends itself to man-in-the-middle-style exploits, whereby an internal, authorized Wi-Fi user can decrypt, over the air, the private data of others, inject malicious traffic into the network, and compromise other authorized devices using open source software, according to AirTight. 'There's nothing in the standard to upgrade to in order to patch or fix the hole,' says Kaustubh Phanse, AirTight's wireless architect who describes Hole 196 as a 'zero-day vulnerability that creates a window of opportunity' for exploitation." Wi-Fi Net News has some more detail and speculation.

  • by tagno25 ( 1518033 ) on Saturday July 24, 2010 @08:06PM (#33017552)

    This vulnerability is only useful if the attacker knows your WPA key.

    This is for WPA2-EAP (may or may not cover WPA2-PSK). So they need a valid username and password, not just a key.

  • by maximander ( 806231 ) on Saturday July 24, 2010 @08:13PM (#33017586)

    When I give someone my root password, I assume they can delete all my files.
    When I give them a limited shell account and set permissions correctly, I don't make that assumption.

    This exploit is more like the latter than the former: WPA was supposed to keep the traffic of each individual user safe, and now it doesn't.

  • by fwr ( 69372 ) on Saturday July 24, 2010 @08:26PM (#33017670)
    There is an out-of-band key exchange. It is called a trusted certificate. You know, just like how HTTPS works. This is for WPA2 Enterprise, of which there are many different EAP methods possible, but most of which do include an out-of-band key exchange (i.e., certificates, or EAP-FAST PAK). In any case, there's also the old DH key exchange, which worked fine for IPsec for years.
  • Re:so, not a hole (Score:5, Interesting)

    by fwr ( 69372 ) on Saturday July 24, 2010 @08:30PM (#33017702)
    Sigh. Understand the protocol before commenting, or at least RTFA. There IS an individual key per user. But there is also a shared key used for broadcast traffic. The problem is that the shared key is not authenticated, so a user who knows the shared key (i.e., anyone with access to the wireless network) can use the shared key to spoof the AP and send messages to other users, and force them to give up or change their unique per-user keys. A "fix" would be getting rid of the shared key for broadcast, but that would require the AP to send a separate "broadcast" packet to each user individually, using their unique per-user key, instead of just one packet.
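    fwr's point that only the AP should ever transmit under the shared group key suggests an AP-side check. The following is an added example written for this page, not code from the thread or from AirTight; the frame fields, the BSSID and the sample traffic are constructed, and it assumes the AP can also hear the channel it transmits on.

```python
# Added example: flag group-key (GTK) frames the access point did not send.
# In WPA2 only the AP transmits under the shared group key; clients use their
# pairwise key (key index 0). An insider who encrypts with the GTK and writes
# the AP's address into the transmitter field is spoofing the AP. If the AP
# records the CCMP packet numbers (PN) of the group frames it sends and also
# listens to its channel, it can recognise group frames that carry its address
# with a PN it never used, and clients that transmit under the group key at all.
from dataclasses import dataclass

@dataclass(frozen=True)
class Frame:
    ta: str      # transmitter address from the 802.11 header
    key_id: int  # CCMP key index: 0 = pairwise key, 1..3 = group key
    pn: int      # CCMP packet number carried in the frame header

class GroupKeyMonitor:
    def __init__(self, bssid):
        self.bssid = bssid
        self.sent_pns = set()  # PNs this AP actually used under the GTK

    def ap_sends_group_frame(self, pn):
        """Record a group-key frame this AP transmitted itself."""
        self.sent_pns.add(pn)

    def classify(self, f):
        """Return None for ordinary traffic, else a short reason the frame is suspect."""
        if f.key_id == 0:
            return None  # pairwise traffic is out of scope here
        if f.ta != self.bssid:
            return "group key used by a non-AP transmitter"
        if f.pn not in self.sent_pns:
            return "AP address on a group frame whose PN this AP never sent"
        return None

    def suspicious(self, frames):
        return [(f, r) for f in frames if (r := self.classify(f))]

def demo():
    """Run the monitor over constructed traffic; returns the flagged frames."""
    mon = GroupKeyMonitor("00:11:22:33:44:55")  # constructed BSSID
    for pn in (100, 101, 102):
        mon.ap_sends_group_frame(pn)
    observed = [
        Frame("00:11:22:33:44:55", 1, 101),   # genuine AP broadcast
        Frame("aa:bb:cc:dd:ee:01", 0, 7),     # client traffic under its pairwise key
        Frame("00:11:22:33:44:55", 1, 9000),  # AP address, but AP never sent PN 9000
        Frame("aa:bb:cc:dd:ee:02", 2, 3),     # client transmitting under the group key
    ]
    return mon.suspicious(observed)
```

    A real AP would need a monitor interface to see frames it did not itself transmit; the PN bookkeeping here models that per group key and would be reset on each GTK rekey.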
  • Re:WTF (Score:4, Interesting)

    by Tumbleweed ( 3706 ) * on Saturday July 24, 2010 @09:20PM (#33017990)

    nah, things went downhill about the 50k mark... ;)

    Not really. Things went downhill much sooner than that. I'd have a much lower UID than I have if I had seen the need for it, but the 'first poster' morons, etc., weren't much yet around, and there wasn't much value to HAVING a Slashdot account until some time after the account system was first implemented.

  • by blacklint ( 985235 ) on Saturday July 24, 2010 @09:35PM (#33018060)

    It used to be that an enterprise WPA2 network had a similar level of privacy to a switched wired network, where individual users couldn't see each other's traffic. Now it is equivalent to a network with hubs, allowing connected users to see each other's traffic.

  • Re:so, not a hole (Score:3, Interesting)

    by bitslinger_42 ( 598584 ) on Saturday July 24, 2010 @10:19PM (#33018276)

    The real fix would be to get users to realize that there's no such thing as a secret when you're yelling loud enough that people half a block away can hear you. Even if you're talking in code, chances are, if someone really wants to screw with you, they'll figure out how.

    Wireless networking is a convenience, and at Layer 2, there probably isn't much that can be done to secure traffic. If you want secure, either use your own encryption (IPSEC, SSL/TLS, SSH, etc.) or use a wire.

  • Re:so, not a hole (Score:5, Interesting)

    by zippthorne ( 748122 ) on Saturday July 24, 2010 @11:47PM (#33018622) Journal

    So... it's the same as the wired Ethernet, then? Except that instead of just plugging in a wire and sniffing away, it takes a small amount of effort?

    I guess "WiFi is slightly safer than wired networks, when it comes to malicious peers" isn't quite as attention grabbing a headline.

  • Re:so, not a hole (Score:2, Interesting)

    by silverdr ( 779097 ) on Sunday July 25, 2010 @04:38AM (#33019596)
    > That creepy guy sitting two tables from you at the coffee shop? He can now read your e-mail.

    Can he?

    Ah - you wrote "_your_ e-mail", right? I am pretty sure he can't do much reading of _my_ e-mail based on this particular exploit.

    And if _you_ rely on WPA (or whatever) within your (W)LAN to protect you from unauthorised reading of your e-mail, then you should really reconsider your approach to data security.
  • by amorsen ( 7485 ) <benny+slashdot@amorsen.dk> on Sunday July 25, 2010 @06:38AM (#33019952)

    Actually, it seems that WPA2 Enterprise is exactly like a switched wired network. The casual users can't see each other's traffic, but the knowledgeable can see everything. Unless there's an ubergeek doing the switch administration (which generally doesn't happen outside academia) and the switch is really good (which is rarely the case in academia).
