News

802.11b encryption flaw fixable

802.11b had a problem with its encryption. The problem made it easy to crack. The solution has just arrived.

The solution is "Fast Packet Keying" as it is called by RSA and Hifn who worked on the fix together. The problem is currently that with 802.11b WEP encryption, the keys to each packet being transmitted are too similar. And when encryption keys are too similar, it means that crackers can with sufficent packets, work out what the "shared secret" of the encryption is. Once you have that, the wireless network is wide open. There's software like "Snort" which utilises that fact and lets you wander around sniffing and automatically opening wireless networks already freely available.

So what to do? Well, change how you make the keys is the obvious fix. What FPK does is it uses a new RC4 key on the packets as they travel, and this key changes a lot more than the old style key. This new key isn't susceptible in the same way as the old WEP set up, to people collecting lots of packets to get to the secret. For the technical background, RSA and Hifn have this tech note on the details.

The only logistical problem is that there is already a lot of 802.11b out there and changing it could be a nightmare. The good news is that "Fast Packet Keying" can be implemented in software and firmware on existing cards. So now that the fix exists and has been added to the 802.11b spec, vendors now can scramble to produce updated firmware for their cards to close the biggest problem with 802.11b.

This is going to be an interesting litmus test of 802.11b vendors to see who really handles security fixes well ... And this coder hasn't quite figured out how the world will work for people who don't upgrade their firmware. There might end up being a rather irritating situation of vendor A cards supporting FPK but vendor B not having release FPK for their access point. One does really really hope that the vendors all work to get the fix kits out as quickly as possible across the board.