Contact:[email protected]
http://www.computerworld.com/cwi/stories/0,1199,NAV47-68-84-88_STO57597, 00.html Wireless LAN security flawed Report: Systems have several vulnerabilities By BOB BREWIN (February 12, 2001) Computer security specialists at the University of California, Berkeley, sounded new alarms last week about the security vulnerabilities of wireless LANs. But network managers said they're aware of problems with the technology and are beefing up their defenses in response. The Internet Security, Applications, Authentication and Cryptography research group at Berkeley said in a report posted on its Web site (www.isaac.cs.berkeley.edu) on Feb. 2 that it had "discovered a number of flaws" in the Wired Equivalent Privacy (WEP) 40-bit algorithm used to secure all IEEE 802.11 standard wireless LANs. These flaws, the Internet Security, Applications, Authentication and Cryptography (ISAAC) report stated, "seriously undermine the security claims of the system." The ISAAC report said wireless LANs have several vulnerabilities, including a susceptibility to passive attacks aimed at decrypting traffic based on statistical analysis - a process made easier by the broadcast nature of wireless systems. WEP also has flaws that make it easier to inject unauthorized traffic from mobile base stations and that make traffic vulnerable to decryption by tricking the base station, which in turn is connected to a wireless network, the report said. Enterprise network managers said the ISAAC report highlights problems inherent in wireless LANs. But they said savvy users have already factored the vulnerabilities into their defensive architecture. Michael Murphy, director of IS support services at Minneapolis-based Carlson Hotels Worldwide, said his organization plans to deploy a wireless LAN architecture encompassing about 250 properties. "I've been aware of the shortcomings in WEP for some time," Murphy said. "I want something stronger [including] VPN encryption." Tom Mahoney, network manager at Franklin & Marshall College in Lancaster, Pa., is in the midst of deploying a 100-node wireless LAN from Apple Computer Inc. A virtual private network (VPN) "seems to be a reasonable solution to the problem," he said. But "only end-to-end encryption will provide true security." The security warning comes as wireless LANs - which currently provide high-speed connections at 10M bit/sec., with new products in the pipeline that will double that speed - continue to gain popularity in the corporate and home markets. Gartner Group Inc. in Stamford, Conn., estimates that more than half of Fortune 1,000 companies will have deployed wireless LANs within two years. John Pescatore, a security analyst at Gartner Group, said the proliferation of enterprise wireless LANs demands increased security because every laptop equipped with a wireless PC LAN card is a potential "sniffer." Pescatore said the underground hacker community is hard at work developing downloadable scripts to tap into wireless LAN networks, and he predicted that such tools will be available this year. "Within six months, 'script kiddies' are going to be able to drive around corporate campuses" and easily tap into unprotected networks, he said. Phil Belanger, chairman of the Mountain View, Calif.-based Wireless Ethernet Compatibility Alliance, downplayed the ISAAC report. "This is not new news," Belanger said, noting that the IEEE has a group working to beef up wireless LAN security. Organizations should take steps to secure their wireless LANs, he said, suggesting that they could use 128-bit keys and exchange data over VPN "tunnels" when using a wireless LAN. Vendors started taking steps last year to enhance wireless LAN security. The Orinoco division of Lucent Technologies Inc. in Murray Hill, N.J., and Cisco Systems Inc. in San Jose have introduced products that provide automatic encryption key generation and distribution of enhanced keys on a per-session basis. Back to the Index