« Intel Launches the 'Cedar Trail' Atom Platform | Main | Evernote vs. OneNote »
Thursday
Dec292011

News: Researcher finds vulnerability in WPS protocol

DateThursday, December 29, 2011 at 10:35AM

Linksys E2500Stefan  Viehbock has just discovered a major security vulnerability which allows someone to use a brute force attack to access a WPS PIN-Protected network in about two hours. According to Viehbock, a design flaw allows the WPS protocol’s 8-digit PIN security to fall dramatically as more and more attempts are made. This flaw after each failed attempt will cause the router to send a message stating whether the first four digits are correct while the last digit of the key is used as a checksum and then given out by the router in negotiation. This results in what was a 100,000,000 possible choices that was initially considered for WPS security level to drop drastically down to around 11,000.

The reasoning behind the original design was to make it easier to bring new device onto your home network more easily especially for unskilled home users. This method now allows it to be much easier for hackers to break into a secure Wi-Fi network as well.

"A few weeks ago I decided to take a look at the Wi-Fi Protected Setup (WPS) technology,"Viehbock said in a blog post. "I noticed a few really bad design decisions which enable an efficient brute force attack, thus effectively breaking the security of pretty much all WPS-enabled Wi-Fi routers. As all of the more recent router models come with WPS enabled by default, this affects millions of devices worldwide."

US-CERT said in its warning that there is no known fix to the security problem. Instead, the group recommends that users disable the WPS function on their routers. The warning lists several wireless router vendors as selling devices that are affected by the security hole: Buffalo, D-Link, Cisco Linksys, Netgear, Technicolor, TP-Link, and ZyXEL.

US-CERT indicated in its warning that it notified router vendors that are affected by the security issue in early December, but so far the vendors have not offered a response nor have any of them issued statements.

For more information:

AuthorBob Appleby | CommentPost a Comment |
in , , , , ,

PrintView Printer Friendly Version

EmailEmail Article to Friend

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Notify me of follow-up comments via email.