A couple of weeks ago, my home office ground to a standstill because my trusty Wi-Fi router of nearly six years decided to irrevocably quit on me. Not surprisingly, years of service and the internal heat generatedHighlights in the router were the culprits.
Like many small-office/home-office (SOHO) workers, I totally depend on e-mail and Internet access. So, suppressing the initial urge to panic, I set about looking at what router to buy to get me up and running again.
This crisis started me down a path toward encryption and Wi-Fi security analysis. When my old router was set up, it employed Wired Equivalent Privacy (WEP) encryption to make sure that all my communications were secure.
Today, that system is no longer recognised as secure. Code specialists have proved that WEP is vulnerable and that somebody with the right skills and equipment can crack a WEP key code in just moments.
In 2007, Erik Tews, Andrei Pychkine, and Ralf-Philipp Weinmann of Darmsatadt Technical University in Germany proved it was possible to identify a 104-bit WEP key code with a success rate of 50% using only 40,000 captured packets of communicated information. For 60,000 data packets, the success probability rose to 80%. For 85,000 data packets, it reached about 95%.
The time taken to capture 40,000 packets is typically less than one minute. The actual computation to uncover the code takes only 3 seconds and 3 Mbytes of memory on a Pentium-M 1.7-GHz processor. Today’s laptops could easily handle the hacking calculations.
So my old router was wide open to security attacks, and the answer lay in getting equipment that provided Wi-Fi Protected Access (WPA) encryption codes that are far harder to crack, although not impossible.
What I really need are Wi-Fi firewall facilities that make the code-crackers’ task too hard. It’s what I call Burglar Alarm System Syndrome. Criminals take one look at the external alarm and move onto the nearest house without one.
Establishing the right password is essential in preventing attacks. Modern WPA equipment often uses 13-character sets, whereby a set of ordinary words is intermingled with numbers.
The remaining alpha characters are then jiggled into a random order. Some are made case-sensitive. The resulting permutations to crack this key are so numerous that they do provide a realistic deterrent.
Furthermore, many Wi-Fi device manufacturers have employed designs to eliminate the possibility of weak pass-phrase choices by implementing a method of automatically generating and distributing complex keys when users add a new wireless appliance to a network.
Fortunately, the Wi-Fi Alliance has standardised these methods and certifies compliance with these standards through a program called Wi-Fi Protected Setup. It’s designed to enable typical SOHO users with little understanding of traditional Wi-Fi configuration and security settings to automatically configured new wireless networks and new devices to enable security. For more information, go to www.wi-fi.org/wifi-protected-setup.