Why you shouldn’t use WPS on your Wi-Fi network

Davey Winder Read more April 16, 2012

It probably doesn’t need repeating that WEP security for Wi-Fi has long ago been cracked open wider than Humpty Dumpty in an earthquake, nor that WPA is as safe as a Lib Dem MP’s majority. And yet, a recent survey by web-hosting outfit UK2 in conjunction with YouGov reveals that the British public, if asked “is your Wi-Fi connection encrypted?” will typically answer “not bovvered”.

Why you shouldn't use WPS on your Wi-Fi network

Of those asked, 56% never or rarely check to see whether a hotspot is encrypted before logging into it. These same folk are far more likely to secure their home Wi-Fi, so it isn’t just a failure of awareness but more like an excess of trust. Trust, that is, in the hotel or the coffee shop or the pub that offers Wi-Fi for free – and the service provider.

To gain access to your supposedly secure wireless network, he doesn’t require physical access to your router, computer or anything else

Such trust is often misplaced, which is where the potential security risk lies, and which lines me up nicely for the actual story that caught my attention – namely, that the Wi-Fi Protected Setup (WPS) protocol has been well and truly compromised. WPS is that button you probably pressed to secure your wireless router when you were setting it up for your home or small-business network, the one that helpfully did away with all the manual security configuration and made setting up wireless security both simple and quick. Or so you thought.

The truth is less encouraging, because WPS is vulnerable to attack, but not the big red button part of it. There’s another aspect to WPS that comes not via a button press but via an eight-digit PIN to enter, and it’s this PIN version of the WPS protocol that’s proved much less secure than everyone assumed. It turns out that in order to crack this encryption via a standard brute-force attack, the hacker doesn’t need to uncover all eight digits, which would require a great deal of time and computing power. Instead, they have to decipher only the first four digits of the PIN.

Yes, you read that correctly: that secure-looking PIN isn’t all that secure. Sure, bank cards employ a four-digit PIN and both the banks and their customers seem happy enough to place their trust in this when using cards in a cash machine, but there’s a big difference between these two seemingly identical instances of authentication.

To take your money out of an ATM, any would-be bad guy has to be in possession of your physical card as well as being able to guess or otherwise obtain its PIN. To gain access to your supposedly secure wireless network, on the other hand, he doesn’t require physical access to your router, computer or anything else – he can just set his own PC to try every possible combination. (There’s a useful “how long to crack my password” calculator at the Steve Gibson GRC security site: maths boffins will point out its shortcomings, but it’s good enough for back-of-a-fag-packet estimates.)

Security researchers have released a tool called Reaver that can exploit this flaw, and enables anyone to crack the simpler WPS PIN and access the cleartext version of the router’s WPA2 pre-shared key (PSK), which is then revealed as a result. The full PIN would have more than ten million combinations, but the reduced digit PIN has only 11,000 or thereabouts. Remember, it matters not a jot how complex the PSK lying behind your PIN is – by using the WPS PIN method, you’ve “protected” your Wi-Fi network using what is in effect only four digits.

A Google search for PSK hacking tutorials will demonstrate that even without this WPS PIN vulnerability it’s quite feasible to find a WPA2-PSK by brute force, but it would take very much longer and a potential hacker would need a very good reason to invest the time and resources required. Reduce that time and resource requirement sufficiently and suddenly your router and Wi-Fi network become more attractive targets for a casual hack.

It isn’t all bad news: you can simply disable the WPS feature on your router to remove the PIN that the likes of Reaver will be looking for. I believe, but at the time of writing have no details to back up this belief, that a number of router manufacturers have either released or are working on firmware updates to close the vulnerability, one assumes by turning off the PIN (which not all routers have a user configuration option for).

Better still, start over again and set up your Wi-Fi network using a long and complex PSK to make brute-force attacks impractical: think in terms of 32 characters or more, with the usual mix of letters, numbers and special characters. Using that Haystack calculator I mentioned above, you’ll see that a simple four-digit PIN takes only seconds to crack, but a complex 32-character password would take 6.22 thousand trillion trillion trillion centuries – even under a worst-case scenario of a massive cracking array being used to perform a hundred trillion guesses every second!

WPA2-PSK, the pre-shared key implementation beloved by the stereotypical dangerous small-business man, was cracked a couple of years ago, and WPA2 with TKIP isn’t a secure option either, making Wi-Fi – for many people – quite simply insecure. WPA2 with AES is okay, as is WPA2-Enterprise with a RADIUS authentication server or even WPA2-PSK with a 32-character key. Since WPA2-PSK actually supports keys up to 63 characters, and most wireless devices cache that key forever so that it needs to be entered only once, it isn’t that difficult to work out what you should do – yet long passwords are still all too often seen as unnecessary and too complex. Sigh…