“It is a secret in the Oxford sense. You may tell it to only one person at a time.”
– Lord Franks (1905-1992) English academic, diplomat and philosopher
In the world of telecommunications and technology, nothing lasts forever. When it comes to the issue of security, nothing is ever truly secure and nothing stays unbroken.
Consider the case of good old Hashing Algorithm SHA-1. For years researchers have been warning that SHA-1 is weak, and have been actively urging people not to use it for securing their websites and any other encrypted traffic. Earlier this year, some researchers at Google managed to break it in practice, defining the end of SHA-1’s useful life and forcing many to update their security policies.
A similar problem has been ominously looming over the WLAN industry for several years. It has to do with WPA2-Personal, a method widely used to limit access to and encrypt Wi-Fi networks at homes and at workplaces around the world.
For the less technical, WPA2-Personal is also known as WPA/WPA2 Pre-Shared Key, used to control access to the network and encrypt Wi-Fi traffic between a Wi-Fi client and the Access Point using a simple passphrase. This is the de facto method by which small business owners, home owners, and many other network owners secure and encrypt their networks.
“What’s the password for the Wi-Fi?” is a common refrain in hotels, restaurants, homes, coffee-shops and many other social gathering places all over the world.
WPA2-Personal is extremely popular as it allows you to use an easy to remember passphrase to access your home network. If someone you know (and trust) needs access, it is as simple as typing in the passphrase. The encryption algorithm itself (CCMP using AES-128) is strong and the use of unique, dynamic keys, negotiated using a four way handshake between the client and AP to encrypt traffic, keeps things reasonably secure.
What is the Problem?
The problem with WPA2-Personal comes in when you start telling people the passphrase. To be precise, the problem with WPA2-Personal is not that the encryption algorithm itself is weak like in the case with SHA-1 above. The problem is that the single key that unlocks everything, spreads by word of mouth. Eventually, you need to expect that password will land up in the wrong hands.
For those of you into the sciences, think of your WLAN passphrase (all passwords actually) as having a kind of half-life. As time goes by, their security level decays.
Problems caused by unknown, untrusted people having access to your WLAN’s WPA2-Passphrase come in two general flavors.
1. Easy Access
First of all, we have all, always known that gaining access to a WPA2-Personal secured Wi-Fi network is trivial if you know the key. It’s built that way by design! It is supposed to be convenient and easy to gain access. Once you know the key you can gain full and unfettered access to the wireless network. If there are no further security policies in place (typical in a small business/home WLAN scenario) you can move around in the network and use whatever resources you want. Copy some data from the Network Attached Storage, start a peer to peer session with a laptop across the hall, access some sensitive files, it’s all right there.
If you connect to my home WLAN, you have access to everything in my home network. You can see my NAS drives, my Apple TV, my laptops, my phones, everything. These networks are typically not built to be secure, they are built to be convenient, to provide plug and play functionality. An attacker can run port scans on any device in the network, test for open services and vulnerabilities, and inject their own programs, malware etc into the devices on the network with impunity.
2. Easy Decryption
Here is a second, lesser known fact about WPA2-Personal encryption. Even though your device uses the WPA2 Pre-Shared Key to negotiate unique dynamic keys which are used for strong encryption, that too can be easily decrypted. As long as the Pre-Shared Key is known and the four-way handshake between your device and the AP has been recorded, your communications are vulnerable. If I don’t have a capture of the four way handshake, no matter, I can simply de-auth you from your own network, and listen for it as you reconnect.
In this scenario, an attacker would be able to capture and decrypt all of your real time communications that are not encrypted at a higher layer. It also opens the ability for the hacker to conduct more intrusive attacks that would not have been possible before. For instance a Man In The Middle Attack mimicking the AP would allow an attacker to observe your online communications and decrypt HTTPS / SSL secured web traffic.
If you ever use a hotspot in a coffee shop and think that it is secure because it has a password, think again and keep the VPN app on your devices running!
Making it Worse
For those focused on securing networks with more sensitive information than the average home, WPA2-Personal has always been considered a non-starter. It is widely accepted that no network that requires strong security policies and access controls should be using it.
WPA2-Personal has been deemed suitable for home snd small office use due to the fact that typically, passwords in the locations spread more slowly, and only amongst small groups of trusted individuals. If an unwanted neighbor or visitor starts hogging the Wi-Fi, change the password and start again. It’s a simple system to manage, and not too arduous or risky.
More recently however, there have been some developments that have prompted me to state flatly that WPA2-Personal is simply no longer good enough, even to secure your home network.
First came Wi-Fi sense, a magical feature in Microsoft Windows 10 that shared Wi-Fi passwords with your contact list and social media connections. The problem with Microsoft’s move (even though they later removed the feature) is that it automatically allowed a large audience of people access to your network without your explicit permission.
In the iOS 11 release, the implementation of Wi-Fi password sharing is more limited and only activated with the explicit permission of someone who has the key. Lord Franks would be proud! I consider this implementation to be not completely irresponsible, but the original problem of passwords being slowly spread, one unauthorized person at a time is still there!
Crypto-Wi: Hold My Beer!
Enter Crypto Wi, a new crypto-currency startup and experts of computer aided voice overs. Crypto-Wi have launched a scheme that puts even Microsoft’s naivety to shame.
Their idea? Monetize the sharing of Wi-Fi pass-phrases.
Thats right, you heard me.
With the Crypto-Wi app you will be able to not only share a Wi-Fi password, but get paid with a crypto currency to do so. Every time someone connects to the network you shared, you will earn a little bit of dosh! You can head over to their website and check out the app here.
On the surface this looks like a fantastic, innovative project for enabling people to buy and sell cost effective Wi-Fi Access. I am fairly sure the three founders of this endeavor are working with the best of intentions, but the potential adverse effects from the disruption they are proposing reach far deeper, into a much more cynical place.
Not only do we live in a world where it is becoming easier and easier to carelessly/maliciously share a WPA2 password, we live in a world where people can actually profit off of it. It is now being incentivized.
Password Sharing Scenarios
Let’s say that you decide to rent out your home WLAN access, that’s pretty cool, and pretty nifty. But remember, unless you’ve taken extra security measures like an internal firewall, whoever is on that network, can get into your whole home network. People you don’t know, who have never entered your home, can pay a small amount to use your Wi-Fi, and get to the internet. They can also scan your local area network and start freely withdrawing and depositing information at will. Still feeling comfortable?
What about when one of your friends comes over and he/she brings another friend. They both use the Wi-Fi and later on, your friend’s acquaintance sells your Home WLAN access on Crypto-Wi?
- Would you even be aware that there was a problem?
- How do you get rid of all of the free-loaders?
- Change the password?
Yeah that used to work, and it might give you some respite for a couple days until your friends come back, but it is not the solution it used to be!
What about a scenario where you own a business, say a restaurant, and a non-technical, foolish employee sells off the internal wireless access on the side? It was never in that person’s interest to do this before, but now that they can make some money from it, why not? The boss will never know, right?
The list of scenarios like this goes on and on. I am sure you can think of a few on your own.
A Shifted Paradigm
Truly the only thing holding WPA2-Personal from being declared completely and utterly pointless is that passwords typically take some time to spread, one person at a time. We know that passwords spread through family homes and small businesses, but at least it is somewhat contained. With a service like Crypto-Wi that whole paradigm of thinking gets blown out of the water!
In this paradigm, using WPA2-Pre-Shared Keys is actually worse than having an open network! At least with an open network a business owner may have a hotspot portal or some other form of control that limits access!
In this paradigm, anybody can come and go and the business owner will have little idea that it is even happening until the data cap is mysteriously maxed out over night. Or perhaps the Internet connection will get so clogged and slow that they will call out a technician to come and “fix it”. In most scenarios, even the technicians won’t realize the real source of the problem.
In a darker and more likely scenario the problem won’t get caught until the business’s bank accounts are emptied or the branch gets a call from the franchise’s head office notifying them that their shop network was the entry point of a global hack of the PoS systems.
In any of the situations above, any malicious party could now easily use Crypto-Wi’s app and pay an anonymous person to join a network without even raising an eyebrow. They wouldn’t even have to enter the venue and ask for the damn password.
Effectively, Crypto-Wi has built a fantastic business model for dismantling what little security Wi-Fi ‘s WPA2-Passwords once granted. They have found a way of sharing the Pre-Shared Key indiscriminately and widely enough that it has made the security offered by the actual encryption algorithm irrelevant. We could use AES-256 and it would make no difference.
The best part is that they have demolished the security of WPA2-Personal in a way that allows them to profit from it without paying a single cent for any of the potential costs of the access they sell or the damage their service will enable.
But is it (really) Dead?
It is my experience that ideas like this do not go away. Even if Crypto-Wi’s service dies, or never reaches the mainstream market, there will be some implementation of this idea somewhere else. This kind of application cannot be regulated and will be impossible to police. Crypto-Wi or any other group with the same idea would have little way of verifying network owners even if they wanted to. Enforcing restrictions on verified contributors who add networks would simply leave space for another less ethical party to attempt the same service with a lower barrier to entry.
In the case of SHA-1, we chose to accept that evidence of a single practical collision in the hashing function was sufficient to finally declare it dead. In the case of WPA2-Personal it is not the encryption algorithm itself that is at fault, but rather the way key management is executed and how the ground underneath some assumptions made 13 years ago has suddenly shifted. It is now possible to share a network key with a wide audience, instantaneously, for direct monetary gain. Sure, you may work in a company full of responsible adults. You may trust your friends. But you can’t trust everyone, and everyone who wants to, can now potentially buy your password.
As far as I am concerned, you can stick a fork in WPA2-Personal. It is now in the same box as WEP and WPS. If someone wants to break it, it is rapidly becoming trivially easy to do so.
Thats all for now!