The latest crack in wireless Internet security, specifically, the Wi-Fi Protected Access (WPA) security standard, can threaten the safety of enterprise networks and business-sensitive information or data. Last week we explained how to cope with WPA cracks. Today we explain how to avoid them altogether, and what the difference is between WEP, WPA and WPA2.

It's been seven years since 802.11's Wired Equivalent Privacy (WEP) was cracked. WEP's first replacement, Wi-Fi Protected Access (WPA), has been required of all new Wi-Fi certified products since late 2003. But last month, reports surfaced about a crack in WPA -- specifically, a new attack against the Message Integrity Check (MIC) used by the Temporal Key Integrity Protocol (TKIP). While this new attack is not a death-knell for wireless local area networks (WLANs) using WPA, it is a note-worthy chip in their armor that you can avoid.

How we got here

To get a handle on this latest attack, you need to appreciate the differences between WEP, WPA, and WPA2, and how WEP cracking caused 802.11 standards to evolve.

WEP uses RC4 to scramble (encrypt) data exchanged between wireless access points (APs) and clients, applying a Cyclic Redundancy Check (CRC) checksum to spot errors. Anyone can record WEP-encrypted packets, but they cannot interpret them without the WEP key to decrypt them. Unfortunately, attackers quickly learned how to analyze WEP-encrypted packets to guess (crack) that key. Because the same WEP key is used by every client to encrypt every packet sent to a given AP, a cracked key can decrypt all future packets, no matter who sent them. As a result, WEP cannot really stop 802.11 data eavesdropping.

TKIP was created as a quick fix for older APs and clients that were crippled by WEP. Instead of using the same key to encrypt every packet, TKIP uses RC4 with a different key for each packet. These per-packet keys neutralise WEP encryption crackers. In addition, TKIP uses a keyed Message Integrity Check (MIC) to detect packets that are replayed or forged. Anyone can send (that is, inject) a TKIP-encrypted packet that has been captured and modified, but those packets are dropped because the MIC and checksum do not match the data carried by the packet. APs using TKIP usually transmit an error report when the first bad MIC is received. If a second bad packet arrives within 60 seconds, the AP stops listening for another minute and then "rekeys" the WLAN, requiring all clients to start using a new "pairwise master key" to generate both the MIC key and those per-packet encryption keys.

This plugged the gaping holes left by WEP. All WPA-certified products can use TKIP and its MIC to resist 802.11 data eavesdropping, forgery, and replay attacks. But even back in 2003, the IEEE knew there were more efficient and robust ways to provide this security. This is why 802.11i also defines a Cipher Block Chaining Message Authentication Code Protocol (CCMP) which uses the Advanced Encryption Standard (AES) to replace TKIP and its MIC. All Wi-Fi certified products must now support Wi-Fi Protected Access Version 2 (WPA2), letting customers choose the right security for their WLAN. WPA2-certified APs that talk to older clients may permit either TKIP or AES-CCMP, while those with new clients only can insist on AES-CCMP.