14 DAY TRIAL // Routers that have a weak implementation of the WiFi Protected Setup (WPS) security standard are vulnerable to a new type of offline attack that could offer access to the network in seconds.
A brute-force attack would reach the same end in a few hours, but the new one, presented by reverse engineer Dominique Bongard from 0xcite, requires a single guess to uncover the correct PIN code for accessing the device’s WPS functions.
The method used by the researcher relies on exploiting weak randomization in keys used for the authentication of hardware PINs. This is not possible in all implementations of WPS, but Bongard discovered that the issue was common to Broadcom chipset manufacturer and to another, undisclosed one.
Devices with WPS enabled allow users to provide the WiFi Protected Access (WPA) passphrase to stations based on the right PIN code, making it easier to offer access to a protected network.
WPS uses two main methods for adding devices to the network: one relies on pushing a button available on the device and another on entering an 8-digit code present either on a label on the device or in the documentation from the manufacturer.
In the attack described by Bongard, the PIN is calculated offline, which means that a security measure, like limited attempts, becomes completely inefficient.
Manufacturers rely on standard code for the custom router software, thus perpetuating the problem to the final product. According to Bongard, the code from Broadcom had weak randomization of the numbers.
With the second vendor, the issue is even more severe, because there is no randomization at all.
In a statement to Ars Technica, Carol Carrubba, spokeswoman for Wi-Fi Alliance, who introduced the standard in 2006, said that “it is likely that the issue lies in the specific vendor implementations rather than the technology itself. As the published research does not identify specific products, we do not know whether any Wi-Fi certified devices are affected, and we are unable to confirm the findings.”
The previous attack that broke WPS consisted in reducing the possible combinations of the brute-force attack to only 11,000 guesses, which can be done in a matter of hours (less than four).
Regardless of the method used, the only way to prevent against this flaw is to disable WPS functionality altogether.
According to the researcher, the prevalence of the problem is difficult to determine because many of the implementations are the reference code for the chipset; but, at the same time, plenty of vendors employ different chipsets, even for the same model number.