Flaw lets hackers break your WiFi router's security with one guessNew WPS vulnerabilities exposed
2014-09-01 09:07 by Daniela
Tags: router, security, flaw, WPS
Security researcher Dominique Bongard announced that a new attack on wireless routers with poorly implemented versions of the Wi-Fi Protected Setup allows someone to quickly gain access to a router's network.
While previous attacks require up to 11,000 guesses - a relatively small number - and approximately four hours to find the correct PIN to access the router's WPS functionality, the new attack only requires a single guess and a series of offline calculations.
The vulnerability isn't present in every router, but according to Bongard it's in relatively common chipsets from both Broadcom and another, unnamed company. Broadcom products lacked key randomisation while the unnamed vendor (not Atheros, Bongard said in response to rumours), used a non-random seed value or nonce.
The Wi-Fi Alliance, in turn, said that the flaw likely stems from how companies implement wireless networking, rather than anything inherent to how the technology works.
"A vendor implementation that improperly generates random numbers is more susceptible to attack, and it appears as though this is the case with at least two devices. It is likely that the issue lies in the specific vendor implementations rather than the technology itself. As the published research does not identify specific products, we do not know whether any Wi-Fi certified devices are affected, and we are unable to confirm the findings," reads a statement from Wi-Fi Alliance spokeswoman Carol Carrubba.
Whatever the root cause may be, the easiest way to protect against this exploit right now is to turn WPS off.
Read more -here-