You've probably heard the news that Wi-Fi Protected Access has been hacked.
Well, not exactly. The Temporal Key Integrity Protocol (TKIP), the encryption scheme used in WPA, has been hacked, under certain apparently very specific conditions.
If you're using the Advanced Encryption Standard (AES) instead of TKIP for encryption, with WPA2 or WPA-Enterprise, then you don't have to worry about this hack.
The full details of how TKIP is compromised won't be known until next week when the researchers who figured it out, Erik Tews and Martin Beck, present what's being described as the first practical attack on WPA at the PacSec 2008 conference in Tokyo.
But as Josh Wright makes clear in this 2006 explanation, TKIP was intended from the beginning as an interim solution, to boost protection for existing Wi-Fi gear that until then had only been protected by the woefully inadequate WEP protocol.
As of March 2006, the Wi-Fi Alliance's more advanced WPA2 specification, with AES and 802.11i authentication among other elements, became mandatory on all new Alliance-certified Wi-Fi products. Modern equipment will support WPA2 with AES.
I talked today about this with Jon Green, head of product marketing for Aruba Networks, who's been tracking it. According to Green, the newly revealed attack can be detected through TKIP's built-in countermeasures. It's unclear to me at this point how easy it is to do that.
Secondly, he says, the attack only works when the WLAN has enabled the Wi-Fi MultiMedia (WMM) QoS settings (based on the 802.11e standard). According to Green, WMM currently is rarely active on enterprise networks. Third, the attack can only work on traffic that's being sent from the WLAN access point to the client PC, not the reverse.
Having said all that, this remains a real issue. How serious an issue depends on several things. Some enterprise WLANs are set to what's called "mixed mode operation," which allows whatever encryption the client negotiates with the access point. So the question is: how many of your WLAN clients are using TKIP?
Green says that Aruba has a simple command that will let a network manager see what the client is using. He thinks most if not all vendors have something similar.
There are short-term steps you can take, according to Green. One is to reset your WLAN to issue a new set of encryption keys at some more frequent interval, say every 10 minutes. The attack currently takes 12-15 minutes to mount. Secondly, Green says, you can turn off the WMM QoS features. Finally, implement AES as the mandatory encryption scheme.
Those sound simple, of course. But you may have a variety of support issues for users' client devices (mainly laptops probably) or performance issues for some applications in the case of WMM.
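The three short-term steps above, written as a configuration check. This is an added example, not from the article or from Aruba: it assumes a hostapd-style access point config and hostapd's option names (wpa_pairwise, rsn_pairwise, wmm_enabled, wpa_ptk_rekey), and the sample configs are constructed.

```python
# Added example: audit a hostapd-style config against the three mitigations.
# Assumption: hostapd option names; the article names no product syntax.
# Only explicitly set values are inspected; hostapd defaults are not modelled.

MAX_REKEY_SECONDS = 600  # "every 10 minutes", per the article

def parse_conf(text):
    """Parse key=value lines, ignoring blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return findings that match the conditions the attack depends on."""
    conf = parse_conf(text)
    wpa_pairwise = conf.get("wpa_pairwise", "").upper().split()
    # hostapd falls back to wpa_pairwise when rsn_pairwise is unset.
    rsn_pairwise = conf.get("rsn_pairwise", "").upper().split() or wpa_pairwise
    if "TKIP" not in wpa_pairwise + rsn_pairwise:
        return []  # AES (CCMP) only: clients cannot negotiate TKIP
    findings = ["TKIP is an allowed pairwise cipher"]
    if conf.get("wmm_enabled", "0") == "1":
        findings.append("WMM QoS is enabled while TKIP is allowed")
    rekey = int(conf.get("wpa_ptk_rekey", "0"))  # 0 means never rekey
    if rekey == 0 or rekey > MAX_REKEY_SECONDS:
        findings.append("pairwise key is not rekeyed within 600 seconds")
    return findings

# Constructed sample configs (not taken from any real network).
MIXED_MODE = """
wpa=3
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
wmm_enabled=1
"""
AES_ONLY = "wpa=2\nrsn_pairwise=CCMP\nwmm_enabled=1\n"

if __name__ == "__main__":
    for name, sample in (("mixed mode", MIXED_MODE), ("AES only", AES_ONLY)):
        print(name, "->", audit(sample) or "no findings")
```
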
Cox is a senior editor at Network World.
The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.