How To Secure Your Wireless Communications
by David Fisher
Cryptography 101
Without diving into all sorts of arcane, geekified minutiae regarding computer communications and cryptographic algorithms, let's first add some background. Cryptography's goal is to protect messages (information) for as long as the information has exploitative value. In other words, if I have information that is useless a week from now (say, the fact that I'm throwing a surprise birthday party for my friend), then it doesn't matter if the message gets compromised after that date. If, on the other hand, I'm involved in a hostile takeover of a company, then it may have value for years, and I would want to protect that information for years. Cryptography's goal is not necessarily never to be compromised. Yes, the mathematicians may theoretically be able to do this, but for general, everyday use, that is not what is necessary to protect yourself.
Symmetric Cryptography
Symmetric cryptographic algorithms are the choice of governments (and others) worldwide who have the ability to share private keys through some sort of distribution method. Symmetric algorithms are extremely fast because they don't have to negotiate the exchange of keys. In addition, they are extremely secure, as the actual keys are never available on a communication circuit, whether that is a wireless circuit, radio or a fixed land line. In this type of encryption, both parties MUST have the same key loaded into their encryption/decryption device or software. As is readily apparent, this system quickly becomes clumsy as the number of communicating parties increases, as all of them have to have the same key loaded at the same time. In addition, distributing the keys in a secure manner becomes extremely problematic and cumbersome (you wouldn't want to call up your buddy on an unsecure line and say "Hey buddy, the new symmetric key is XYZ123," as it could be compromised); this is how asymmetric, public key cryptographic algorithms came into being.
Asymmetric Cryptography
In the previous section we discussed symmetric cryptography, which is great where two or more people know and trust each other and can exchange the keys in a secure manner, perhaps by meeting at the airport or pub and agreeing on a new password, then destroying any evidence of it. However, there's a big glaring hole: how do people who don't know each other personally exchange keys without the keys becoming compromised? In addition, how does one ensure that if a key is shared once, it doesn't get promulgated everywhere so that all of your communications become compromised? This is where public key cryptography comes in. Public key cryptography is known as an asymmetric algorithm because the two parties communicating do not share a common key. Instead, if I want to receive encrypted communications (whether a sensitive email, an encrypted web session with Amazon, or whatever), I can publish a public key that anybody can get, and they use that to encrypt my message. However, in addition to the public key, I also possess a private key that only I know. I use this private key to actually decrypt the incoming message. Because these two keys are related in a unique combination and only I have the private key, nobody can decrypt communications encrypted with my public key unless they've extracted the private key out of me.
Key Length, Complexity and Randomness
The key to good key (password) strength is length, randomness and complexity.

Length, of course, is how many characters long the key is. The longer the password, the harder it becomes to break, and exponentially so. For instance, a four-digit PIN, like on your ATM card, has only 10,000 possible combinations (10 possible digits raised to the 4th power, or 10x10x10x10). Your cell phone could try all 10,000 combinations in less than five seconds; my home workstation would take less than a second to crack your PIN if I had a card reader attached to it and your card inserted. However, note here that the security lies in the fact that I need to possess your actual card (or make a copy of the data with a skimming device; note that because it is so easy to brute-force every PIN, the need to record your PIN with the skimming device, as the article implies, is not true). Now think: if you just added one digit to your PIN, I would have to try 100,000 combinations; for six digits, 1,000,000, etc. However, even trying 100,000,000 combinations is trivial for modern-day laptops and desktops. So, next, we have to toss in complexity.
Complexity refers to how many different characters are available in the key/password/PIN. As I showed above, using only four digits, like on an ATM card, severely limits the security because it is not nearly complex enough. If your PIN is restricted to just numeric digits, as demonstrated above, there are only 10,000 possible combinations. Now let's say that you can have both letters and numbers. In the English alphabet, that gives us 26 letters and 10 numbers, for a total of 36 different possible characters. Doing the math on 36^4 (36x36x36x36) combinations, we now have 1,679,616 combinations to plow through, still relatively easy, but certainly a bigger problem. Now let's say that we can have both upper and lower case and 10 numbers, so now we have 62^4 or 14,776,336 combinations. Finally, if we add in all of the punctuation marks found on my keyboard, I have 92^4 or 71,639,296 combinations to try. And that is just with a four-character key! To put it in perspective for you, if you use just a minimum key length of ten characters and a complex password that contains upper and lower case, punctuation and digits, the possible combinations are 92^10 or 43,438,845,422,363,200,000! So you can see that complexity really adds to the security of your passwords.
Finally, the part everyone forgets about is randomness. The above theoretical maximum combinations are of no use if you use combinations of words that are in a dictionary (in any language) or follow some sort of keyboard pattern. If the person who is attacking your encryption (password or key) knows anything about you, any personal information will help him or her break your key quickly. That is why security people harp on not using the names of family, friends, pets, birthdays, anniversaries, etc. It is better to have a 10-12 character, truly random password or key and never change it unless it is compromised than to be constantly changing your password using some predictable pattern that uses words out of a dictionary or personal information. Now that we have some background in the basic cryptography going on, let's turn to the practical steps for securing your wireless communications.
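As an added example (not the author's code), the arithmetic from the key-strength section above carried a step further: keyspace, the same quantity in bits of entropy, how long exhaustive search takes at an assumed guess rate, and why a dictionary-built key has far less entropy than its character count suggests. The alphabet sizes are the article's; the 1e9 guesses-per-second rate and the 50,000-word dictionary are assumed figures.

```python
import math

# Alphabet sizes from the article: digits only, letters+digits,
# mixed-case letters+digits, and everything on the author's keyboard.
ALPHABETS = {"digits": 10, "letters+digits": 36, "mixed-case+digits": 62, "keyboard": 92}

def keyspace(alphabet_size: int, length: int) -> int:
    """Number of distinct keys of this shape: alphabet_size ** length
    (the article's 10x10x10x10 for a four-digit PIN)."""
    return alphabet_size ** length

def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random key, in bits (log2 of the keyspace)."""
    return length * math.log2(alphabet_size)

def worst_case_seconds(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    """Time to try every key at the given rate; on average half of this suffices."""
    return keyspace(alphabet_size, length) / guesses_per_second

def dictionary_entropy_bits(dictionary_words: int, words_used: int) -> float:
    """The randomness point: a key built from words out of a dictionary has only
    dictionary_words ** words_used possibilities no matter how many characters
    it spells, so its entropy is set by the word list, not by its length."""
    return words_used * math.log2(dictionary_words)

def strength_table(length: int, guesses_per_second: float = 1e9) -> dict:
    """Keyspace, entropy and exhaustive-search time per alphabet for one key length."""
    return {
        name: (keyspace(n, length), entropy_bits(n, length),
               worst_case_seconds(n, length, guesses_per_second))
        for name, n in ALPHABETS.items()
    }

if __name__ == "__main__":
    rate = 1e9  # assumed offline guess rate, not a measurement
    for name, (space, bits, secs) in strength_table(4, rate).items():
        print(f"4 chars, {name:>18}: {space:>12,} keys  {bits:5.1f} bits  {secs:.1e} s")
    print(f"10 chars, keyboard: {keyspace(92, 10):,} keys  "
          f"{entropy_bits(92, 10):.1f} bits  {worst_case_seconds(92, 10, rate):.1e} s")
    # Two words from a 50,000-word dictionary may spell 10+ characters but
    # carry about as much entropy as 5 random mixed-case+digits characters.
    print(f"two dictionary words: {dictionary_entropy_bits(50_000, 2):.1f} bits vs "
          f"5 random mixed-case+digits chars: {entropy_bits(62, 5):.1f} bits")
```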
Securing Your Wireless Computer Network
Here are the steps to securing your wireless network:
- Choose and implement the strongest encryption algorithms and protocols that your router supports, upgrading if necessary.
- Change your network name (SSID) and make sure that your router does not advertise the network name.
- If your router has the option, reduce the broadcast power setting so that the signal does not work outside of the physical space you need it to (your house, or possibly your house and backyard). Be especially careful that your network cannot be used from the street in front of your residence.
Choosing your Encryption Protocols
There are three generally available encryption algorithms in use with wireless routers or access points. For home networks these are WEP, WPA and WPA II.
Wired Equivalent Protocol (WEP)
WEP is deprecated (no longer used). If your wireless router uses this protocol and has no other, you should upgrade to one running at least WPA. This is because the authentication method used is extremely susceptible to compromise, especially if you are using Shared Key authentication, which is a symmetric algorithm. "Wait a minute," you are saying, "I thought you said that symmetric algorithms were probably safer because only I (and the router that I configured) would know what key is being used to encrypt the data?" This would normally be the case; however, let's check out how it actually works.
In Shared Key authentication, the WEP key is used for authentication. A four-way challenge-response handshake is used:
- The client station sends an authentication request to the wireless network device.
- The router sends back a clear-text challenge.
- The client encrypts the challenge using the configured WEP key, and sends it back in another authentication request.
- The router decrypts the material and compares it with the clear-text it had sent. If it matches what was sent, the router grants access to the wireless network, and the router and the client continue using the shared, symmetric key.
Do you see the problem here? If I'm Johnny Hacker hanging out with my laptop, all I have to do is start listening in on your network and capturing packets, looking for an authentication request. Because the encryption algorithm is publicly known and I have a clear-text message, all I have to do is keep capturing packets and trying different keys until I get the clear-text message to match the encrypted response.

Depending on the amount of network traffic, a successful key recovery can take as little as one minute. If an insufficient number of packets is being sent, I can always add packets to the network, stimulating reply packets to aid in finding the key. WEP is easily compromised by just a basic hacker/cracker with a laptop and freely available software such as aircrack-ng.
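A toy model of the Shared Key handshake described above, added here as an example and not taken from the article: the two sides exchange the four steps, and the observer function shows why the design is weak, since the clear-text challenge, the IV and the encrypted reply all go over the air, so a candidate key can be checked against that known-plaintext pair offline without sending anything to the router. RC4 is the cipher WEP actually used; the 5-byte key and 3-byte IV match WEP's 40-bit keys, while the CRC-32 integrity value and frame formatting are omitted for brevity.

```python
import os

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4, the stream cipher WEP used: key scheduling, then XOR the
    keystream over the data (the same call encrypts and decrypts)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def router_challenge() -> bytes:
    """Step 2: the router answers the request with a random clear-text challenge."""
    return os.urandom(128)

def client_response(wep_key: bytes, challenge: bytes) -> tuple:
    """Step 3: the client picks an IV and returns it with the challenge encrypted under IV||key."""
    iv = os.urandom(3)
    return iv, rc4(iv + wep_key, challenge)

def router_verify(wep_key: bytes, challenge: bytes, iv: bytes, response: bytes) -> bool:
    """Step 4: the router decrypts with the same key and compares with what it sent."""
    return rc4(iv + wep_key, response) == challenge

def observer_consistent(captured: tuple, guess: bytes) -> bool:
    """The eavesdropper's view: challenge, IV and ciphertext were all sent in the
    clear, so a candidate key can be tested against that known-plaintext pair
    offline, with no further frames exchanged with the router."""
    challenge, iv, response = captured
    return rc4(iv + guess, challenge) == response

def demo() -> tuple:
    wep_key = b"\x13\x37\xc0\xde\x42"  # constructed 40-bit WEP key for the demo
    challenge = router_challenge()
    iv, response = client_response(wep_key, challenge)
    legit = router_verify(wep_key, challenge, iv, response)
    captured = (challenge, iv, response)  # everything an eavesdropper saw
    return legit, observer_consistent(captured, wep_key), observer_consistent(captured, b"\x00" * 5)

if __name__ == "__main__":
    print(demo())  # (True, True, False)
```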
WPA and WPA II
The Wi-Fi Alliance developed WPA (Wi-Fi Protected Access) in 2003 to address WEP's weaknesses. Improvements included TKIP (Temporal Key Integrity Protocol), which changes the encryption key for each data transmission, unlike what we saw in WEP. WPA is theoretically breakable, but can be secure on a practical level. With a strong password (as described above in my password discussion: make sure you have complexity and randomness and 21 characters or more) a WPA network can withstand an attack for years. With this type of setup, by the time someone gets around to breaking the key on that one packet of information, the information should be useless to whomever was seeking it because its value has expired.
In 2004 WPA II (WPA2) came out and switched to using AES (Advanced Encryption Standard) instead of TKIP. AES is a stronger protocol than TKIP and should be used if possible. Both algorithms are vulnerable, as any algorithm is, to a brute-force attack. Thus, your password/key should be as long as possible and not shared with any non-trusted persons or entities. Given the choice between WPA and WPA II, WPA II should be your first choice.
Turning off Network Advertising/Broadcasting
The next step is to stop advertising your network. Although this step helps, it is not going to stop a serious hacker (or government) snoop, but it will slow down the hackers that are out wardriving looking for targets of opportunity. This is a three-part step. First, log in to your wireless router and (using the documentation for your device) disable broadcasting of the SSID (network name). Secondly, while you are in there, you will also want to change the network name; if you don't, then anybody who's seen a packet before (like your pesky neighbor that's been freeloading for the past few years) will still be able to connect to it, as they will have the SSID. I recommend using a random string of characters for the network name, just like you used for the password, for maximum protection; any would-be hacker will now have two highly random and complex things to try to figure out. Lastly, you will have to go back and reconfigure the wireless devices that attach to the network to use the new SSID and password.
Tune Broadcast Power and Router Location
Finally, you'll want to reduce the broadcast power and work at shifting the physical location of your device so that it cannot be accessed or seen from the street in front of your house or, if you have one, the alley in back. These devices are really two-way radios with an omnidirectional antenna, meaning that they broadcast in a sphere outwards from where the antenna is located. What I recommend is placing the device somewhere near the middle of your location, then setting the broadcast power at its lowest setting. Now, take your laptop or other wireless device and step out on the front porch. Can you still use the network? If not, you might want to raise the power setting one notch. Once you can use it on the front and back porch/deck area, carry the device out to the street. Can you still access the network? If so, you might want to adjust the power down so you can't. Keep playing with the location and power setting until you can use the network where you need it, without it being usable from the public access points (aka roads and alleys) around your home.
Cell Phones, iPads and Other Wireless Devices
Issues with GPS
If your cell phone or other wireless device has a navigation feature, then it probably has GPS (actually, GPS plus some nifty software to triangulate off of cell towers). I recommend that you turn off the GPS chip in your phone by default, only turning it on when needed for navigation. There are several reasons for this. First, if you have a social network you access from the device, it will geo-tag where you are when making updates, which is embarrassing if the boss figures out you were really at Club Wild instead of at the doc's office. Secondly, any picture you take with the GPS chip on gets geo-tagged with its location. If you have decided to drop off the grid but upload some photos to Flickr or PhotoBucket, then those photos have metadata (i.e. data about the photo) embedded in them which is accessible to someone via Google Maps. Enterprising criminals can then figure out, just from the photos, where your home is, where you like to have lunch, where family members live/are, etc. Not good.
Remote Activation
All cell phones can be remotely turned on, even if they appear to be powered off. They can also be turned into remote listening devices without the pesky nuisance of installing a bug. The cell phone will not appear to be powered on if it has been remotely turned on. Ditto for being able to turn on the GPS feature and figure out where you are. The only way to circumvent this is to remove the battery and SIM card from the phone. Removing the battery provides better protection than removing the SIM.
Wrapping Up
One can take steps to protect one's wireless persona. While one can really dive down a rabbit hole à la Enemy of the State, that's not necessary to provide yourself some serious protection. Highlights are: don't advertise your wireless home network, use WPA II, use strong passwords, and turn off your GPS features and remove batteries from phones (sorry iPhone users, Android phones win here) when not in use.
April 28, 2011
David Fisher blogs at David Fisher Enterprises LLC.
Copyright © 2011 David Fisher Enterprises LLC