Just when we all thought wireless security was getting more stable, up pop two old weaknesses that could make WPA worse than WEP

With WPA on the way as an interim step toward the IEEE's all-singing, all-dancing security update, 802.11i, the Wi-Fi industry is ready to settle back and worry about things other than security. However, two experts independently chose this week to remind us that old weaknesses can make the remaining gaps in Wi-Fi security more serious than they might otherwise be.

In a paper posted at the Wi-Fi Technology Forum, GianLuigi Me, a lecturer at the University of Rome Tor Vergata, argues that the vulnerability of any wireless encryption can have far worse consequences than is usually thought, because of well-known weaknesses in the SNMP management protocol.

SNMP (Simple Network Management Protocol) is used to monitor and control the performance of network equipment. Designed for wired networks, it was not created with eavesdropping in mind. Many access points can be managed by SNMP over the wireless link, so anyone who can read that link and recover the management credentials can reconfigure the access points.

The most widely implemented version of SNMP protects the network with a password, the "community name", which the network management station must present to the network device in order to perform any management task. Most management products use a default name, "public", out of the box, but even if this is changed the password is still at risk, because SNMP sends it in cleartext. If the wireless network uses WEP encryption, a malicious hacker only has to break that to read the SNMP password and gain administrator privileges, allowing him to change any setting on the Wi-Fi access point.

Meanwhile, for those who have moved on to WPA, the Wi-Fi community's interim security standard, comes a salutary reminder that WPA security is only as good as the passphrase the user chooses to set up the keys.
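To make the cleartext point concrete, here is an added example (not code from the article or from Me's paper): a minimal decoder for the SNMP message header that reports the protocol version and, for the community-based versions, the community string exactly as it travels on the wire, flagging the shipped default. The packets it inspects are constructed inline with a small BER encoder rather than captured; the SNMPv3 sample is an abbreviated header with placeholder values, since the decoder only needs to read its version field.

```python
# Added example (not from the article): a minimal decoder for the SNMP message
# header, used to show why an SNMPv1/v2c community string is readable by anyone
# who can see the packet, and to flag the default "public" community.
# Structure (RFC 1157 / RFC 1901): Message ::= SEQUENCE { version INTEGER,
# community OCTET STRING, data PDU }.  SNMPv3 (RFC 3412) carries no community.

DEFAULT_COMMUNITIES = {"public", "private"}   # widely shipped defaults

def ber_tlv(tag: int, content: bytes) -> bytes:
    """Encode one BER TLV (short-form length only; enough for these samples)."""
    if len(content) >= 128:
        raise ValueError("short-form length only")
    return bytes([tag, len(content)]) + content

def ber_int(value: int) -> bytes:
    """Encode a small non-negative INTEGER (0..127) in a single content byte."""
    if not 0 <= value <= 127:
        raise ValueError("small non-negative integers only")
    return ber_tlv(0x02, bytes([value]))

def ber_read(buf: bytes, pos: int):
    """Decode the TLV at buf[pos]; returns (tag, content, position after it)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def audit_snmp_message(pkt: bytes) -> dict:
    """Report the SNMP version, any cleartext community string, and findings."""
    tag, body, _ = ber_read(pkt, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message (outer SEQUENCE missing)")
    tag, ver, pos = ber_read(body, 0)
    if tag != 0x02:
        raise ValueError("version INTEGER missing")
    version = int.from_bytes(ver, "big")
    report = {"version": {0: "v1", 1: "v2c", 3: "v3"}.get(version, f"unknown({version})"),
              "community": None, "findings": []}
    if version in (0, 1):                  # community-based versions
        tag, comm, _ = ber_read(body, pos)
        if tag != 0x04:
            raise ValueError("community OCTET STRING missing")
        community = comm.decode("latin-1")
        report["community"] = community
        report["findings"].append("community string transmitted in cleartext")
        if community.lower() in DEFAULT_COMMUNITIES:
            report["findings"].append(f"default community string {community!r}")
    return report

# --- constructed sample: SNMPv1 GetRequest for sysDescr.0 with community "public"
SYSDESCR_0 = bytes([0x2B, 0x06, 0x01, 0x02, 0x01, 0x01, 0x01, 0x00])  # 1.3.6.1.2.1.1.1.0
varbind = ber_tlv(0x30, ber_tlv(0x06, SYSDESCR_0) + ber_tlv(0x05, b""))
get_request = ber_tlv(0xA0, ber_int(1) + ber_int(0) + ber_int(0) + ber_tlv(0x30, varbind))
SAMPLE_V1 = ber_tlv(0x30, ber_int(0) + ber_tlv(0x04, b"public") + get_request)

# --- constructed sample: abbreviated SNMPv3 header (msgVersion 3, placeholder
# global data, empty security parameters); there is no community string at all
global_data = ber_tlv(0x30, ber_int(1) + ber_int(127) + ber_tlv(0x04, b"\x00") + ber_int(3))
SAMPLE_V3 = ber_tlv(0x30, ber_int(3) + global_data + ber_tlv(0x04, b""))

if __name__ == "__main__":
    for name, pkt in (("v1", SAMPLE_V1), ("v3", SAMPLE_V3)):
        print(name, audit_snmp_message(pkt))
```

Run over traffic seen on the wireless segment, the same check turns into a simple detection rule: any v1/v2c management message at all is a finding once the link encryption is considered breakable, and a default community is a second, independent one. Moving management to SNMPv3 (or off the wireless link entirely) removes the cleartext secret rather than hiding it behind WEP.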

The warning comes from Robert Moskowitz, senior technical director of ICSA Labs, who points out that WPA allows users to have a "pre-shared key" (PSK) from which the encryption keys are generated. This can be a random number or a passphrase, but many users will pick a passphrase consisting of English words. If they do, the hacker only needs to capture the initial handshake and carry out a dictionary attack to gain access to all subsequent data, even though the keys continually change, because every one of those keys can be worked out from the PSK plus information the hacker can observe. "The whole keying hierarchy falls into the hands of anyone possessing the PSK, as all the other information is knowable," says Moskowitz.

According to Moskowitz, this weakness makes WPA, in some cases, worse than WEP, the insecure standard it replaces: "The risk of using PSKs against internal attacks is almost as bad as WEP," he says. "The risk of using passphrase-based PSKs against external attacks is greater than using WEP."
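Moskowitz's point that "all the other information is knowable" follows from how the PSK is derived: PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, 4096 iterations, 256-bit output, so the passphrase is the only secret input. The following is an added example, not code from the article or from ICSA Labs, that implements that derivation and pairs it with the check a network owner can run before committing a passphrase. The word list is a constructed stand-in for a real dictionary, and the 60-bit acceptance threshold is an assumption chosen for illustration.

```python
# Added example (not from the article or ICSA Labs): the WPA-PSK derivation
# (PBKDF2-HMAC-SHA1, 4096 iterations, 256-bit output, SSID as salt) and a
# passphrase check a network owner can run before committing a PSK.
import hashlib
import math
import re

# Constructed toy word list standing in for a real dictionary.
DICTIONARY = {"correct", "horse", "battery", "staple", "password",
              "wireless", "network", "secret", "home", "office"}

def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """PSK (the WPA PMK) from a passphrase; only the passphrase is secret."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def guess_bits(passphrase: str, words=DICTIONARY) -> tuple:
    """Estimate log2 of the search space a guesser must cover.

    If every separator-delimited token is a dictionary word the space is
    words^tokens; otherwise it is charset^length, with the charset inferred
    from the character classes present.  Returns (bits, dictionary_only).
    """
    tokens = [t for t in re.split(r"[\s\-_.]+", passphrase.lower()) if t]
    if tokens and all(t in words for t in tokens):
        return len(tokens) * math.log2(len(words)), True
    charset = 0
    if re.search(r"[a-z]", passphrase):
        charset += 26
    if re.search(r"[A-Z]", passphrase):
        charset += 26
    if re.search(r"[0-9]", passphrase):
        charset += 10
    if re.search(r"[^A-Za-z0-9]", passphrase):
        charset += 33   # printable ASCII punctuation and space
    return len(passphrase) * math.log2(charset), False

def assess_passphrase(passphrase: str, ssid: str, min_bits: float = 60.0) -> dict:
    """Derive the PSK and decide whether the passphrase is worth deploying.

    min_bits is an assumed policy threshold, not a value from the article.
    """
    bits, dictionary_only = guess_bits(passphrase)
    return {
        "psk": wpa_psk(passphrase, ssid).hex(),
        "dictionary_only": dictionary_only,
        "guess_bits": round(bits, 1),
        "acceptable": (not dictionary_only) and bits >= min_bits,
    }

if __name__ == "__main__":
    # Same passphrase and SSID always give the same PSK: nothing else feeds in.
    print(wpa_psk("password", "IEEE").hex())
    for candidate in ("battery staple", "Tq7#pL9v$wXe2Kb"):
        print(candidate, assess_passphrase(candidate, "HomeNet"))
```

The check splits only on separators, so a run of dictionary words written without spaces is scored by character class and will look stronger than it is; a production policy would segment against a real word list. The `"password"` / `"IEEE"` pair is the published IEEE 802.11i test vector for this derivation and is a convenient way to confirm the implementation before trusting its output.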