• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Wi-Fi Protected Setup (WPS) Undermines Wireless Security

January 4, 2012 By Corey Nachreiner

Over the years, we’ve had to deal with vulnerabilities and weaknesses in wireless security protocols, such as the deprecation of the WEP protocol due to design flaws.  Now, a standard that was designed to make wireless security easier, actually makes it less secure.

For those of you who haven’t heard of Wi-Fi Protected Setup (WPS) — which frankly included me until recently — it is a standard created by the Wi-Fi Alliance to make it easier for home users to configure security settings on their access points, making the task less foreboding for the non-technical.

In concept, I think this is a great idea. I know many average home users that run open access points simply because they find the tech lingo (WPA2, PSK, AES, TKIP, etc.) too overwhelming, or because they can’t be bothered with strong passwords. Making wireless security easier for the average Joe is noble goal. However, in practice WPS will make your WAP less secure.

According to research by Stefan Viehböck (also discovered independantly by another researcher as well), technical flaws in WPS make it embarrassingly simple to brute force a WPS PIN. Without going into too much technical detail, the WPS protocol responds to failed authentication attempts in a way that will both tell you if the first four digits of the PIN are correct, as well as disclose the eighth digit of the PIN. This severely reduces the number of guesses necessary to learn a WPA PIN. Rather than providing the 100,000,000 possible combinations (108) that an eight digit pin should offer, this flaw allows attackers to find the PIN with only 11,000 guesses (104 + 103). Computers can go through 11,000 combinations in no time. Furthermore, many devices that use WPS apparently don’t lockout failed authentication attempts. If an attacker knows your wireless router’s WPS PIN, he can use it to retrieve the router’s wireless network password. So if you use WPS, you should expect  any attacker within range of your Wi-Fi signal can access your network.

The good news is that WPS is not an industry-wide standard. Only some wireless routers and access points use it. If you’d like more details on this issue, US-CERT has released a coordinated alert about it, including some of the router brands that are affected. This includes some well know consumer brands like Belkin, Netgear, D-Link, and others. Since this is a protocol level design flaw, there is no fix. If you use a wireless router that leverages WPS, you should stop using WPS.

By the way, if any WatchGuard wireless appliance owners are concerned with our devices, we do not use WPS and are not affected by this issue.

UPDATE: Researchers have posted a working Proof-of-Concept attack tool for this WPS attack. If you have a device that uses WPS, I highly recommend you disable it, or apply any vendor updates related to this issue. — Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: WiFi, wireless, WPA, WPS

Comments

  1. Yiddish says

    April 3, 2012 at 3:30 am

    Good configuration settings.

    Reply
  2. Kent says

    July 23, 2012 at 8:50 pm

    You make a really good point. Making wireless security easier has made it less secure. Mobile security encryption needs to be more efficient and simplified for the average user.

    Reply
  3. Ladies Golf Bags 2012 says

    March 27, 2014 at 12:25 pm

    Hey tere I am so happy I found your blpg page, I really
    found you by mistake, while Iwas researching on Google for something else, Anyways I am here now and woulkd
    just like to say thanks a lot for a marvelous post
    and a all round exciting blog (I also love the theme/design), I don’t
    have time too browse it all at the minute but I have bookmarked it and also added in your RSS feeds, so when I have time I will be basck
    to read much more, Please do keep up the superb work.

    Reply
  4. tracking an iPhone at this moment says

    July 10, 2014 at 6:40 am

    Hurrah! At last I got a web site from where I be capable of actuaqlly obtain useful data concerning my study
    and knowledge.

    Reply
  5. Claudio says

    July 12, 2014 at 11:34 am

    Thank you for the good writeup. It in fact was a amusement account it.
    Look advanced to more added agreeable from you! By the way,
    how could we communicate?

    Reply
  6. mascarillas para la cara caseras says

    July 23, 2014 at 12:44 am

    Do you have a spam problem on this site; I also am a blogger, and I was wondering your situation; we have developed some nice methods and we are looking to exchange techniques with
    others, why not shoot me an email if interested.

    Reply
  7. Jule I. Standaert says

    September 23, 2014 at 3:20 am

    I am really loving the theme/design of your web site.

    Do you ever run into any web browser compatibility problems?
    A number of my blog visitors have complained about my website not operating
    correctly in Explorer but looks great in Safari. Do you
    have any ideas to help fix this problem?

    Reply
  8. Jesenia I. Danese says

    September 24, 2014 at 7:14 pm

    I’m no longer certain the place you are getting your information, but great topic.
    I needs to spend some time learning more
    or working out more. Thank you for wonderful information I was on the lookout for this information for my mission.

    Reply
  9. Lita Q. Jenkin says

    September 24, 2014 at 7:18 pm

    continuously i used to read smaller articles that as well clear their motive, and that
    is also happening with this post which I am reading at this
    place.

    Reply
  10. Cristine P. Schug says

    September 27, 2014 at 2:19 pm

    I’ve been surfing on-line more than 3 hours lately, yet I never
    discovered any interesting article like yours.
    It is pretty price enough for me. In my view, if
    all web owners and bloggers made just right content material as you did, the internet shall be much
    more useful than ever before.

    Reply
  11. Jovan J. Swinney says

    September 27, 2014 at 6:28 pm

    This is very fascinating, You are a very professional blogger.

    I’ve joined your feed and sit up for in search of more of your magnificent post.
    Additionally, I have shared your website in my social networks

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • Cybersecurity’s Toll on Mental Health

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use