A brief history of Wi-Fi security protocols from “oh my, that’s bad” to WPA3
Thanks to upcoming developments in Wi-Fi, all of us connectivity-heads out there can look forward to getting familiar with new 802.11 protocols in the near future. Ars took a deep look at what’s on the horizon last fall, but readers seemed to have a clear request in response—the time had come to specifically discuss the new Wi-Fi security protocol, WPA3.
Before anyone can understand WPA3, it’s helpful to take a look at what came before it during The Dark Ages (of Internet)—a time with no Wi-Fi and unswitched networks. Swaths of the Internet today may be built upon “back in my day” ranting, but those of you in your 20s or early 30s may genuinely not remember or realize how bad things used to be. In the mid-to-late 1990s, any given machine could “sniff” (read “traffic not destined for it”) any other given machine’s traffic at will even on wired networks. Ethernet back then was largely connected with a hub rather than a switch, and anybody with a technical bent could (and frequently did) watch everything from passwords to Web traffic to emails wing across the network without a care.
Closer to the turn of the century, wired Ethernet had largely moved on from hubs (and worse, the old coax thinnet) to switches. A network hub forwards every packet it receives to every machine connected to it, which is what made widespread sniffing so easy and dangerous. A switch, by contrast, only forwards packets to the MAC address for which they’re destined—so when computer B wants to send a packet to router A, the switch doesn’t give a copy to that sketchy user at computer C. This subtle change made wired networks far more trustworthy than they had been before. And when the original 802.11 Wi-Fi standard released in 1997, it included WEP—the Wireless Encryption Protocol—which supposedly offered the same expectations of confidentiality that users today now expect from wired networks.
In retrospect, WPA3’s early predecessor missed the mark. Badly.
WEP—the original Wireless Encryption Protocol
If you want to describe WEP with a single word, that single word should be “awful.” The original release of WEP required a 10-digit or 26-digit hexadecimal preshared key, which would look something like this: 0A3FBE839A. It was deadly serious about both the hexadecimal (0-9 and A-F) part and the 10-digit or 26-digit part—put in one digit too few or one too many, and you got an error and nothing worked. Put in a character that wasn’t in the 0-F range, and you got an error and nothing worked.
Unsurprisingly, most people—even in business settings—turned this early WEP off, that is, if it was even enabled in the first place. If you think expecting people to effectively and accurately share 10- or 26-digit arbitrary hexadecimal numbers seems unreasonable now, just imagine trying to do it in 1997. Roughly half of the workforce still hadn’t mastered the double-click.
Later revisions of WEP offered the ability to automatically hash a human-readable password of arbitrary length into those 10- or 26-digit hexadecimal codes in a way that was consistent between the clients and the routers. So while WEP really still worked on raw 40-bit or 104-bit numbers, you could at least share those numbers in ways where actual humans wouldn’t immediately revolt with torches and pitchforks. Beginning with this shift from numbers to passwords, WEP started seeing much more heavy usage.
While it was nice that people were actually using WEP, this early security protocol was still pretty terrible—for one thing, it used deliberately-weak RC4 encryption, because the US Government was still treating encryption algorithms as “weapons” which couldn’t be exported overseas. And even if you handwaved away the weak encryption, you were still vulnerable to sniffing from anyone else joined to the same network. Since all traffic was encrypted and decrypted with the same PSK, Eve at the coffee shop could (and all too frequently, did) easily intercept and read any traffic Bob sent out to the Internet. There was no real skullduggery required.
As if all of this weren’t bad enough, WEP has serious, unfixable cryptographic weaknesses which can be exploited to crack any WEP network in minutes.