Payment standards body will let failed security protocol lapse
In what is supposed to be a fast-moving industry, a security hole in an encryption system for global banking has been open for seven years. Yesterday, finally, a standards body mandated that the hole must be closed by 2010.
In its latest amendment to its security standards document, the Payment Card Industry (PCI) Security Standards Council has agreed to finally discontinue the promotion and use of an encryption standard for wireless communications whose integrity was shown by security engineers to be easily penetrated seven years ago.
As first reported widely by Wi-Fi Networking News' Glenn Fleishman, version 1.2 of the PCI standards body's Data Security Standards document will, starting next year, prohibit the use of Wired Equivalent Privacy (WEP), an encryption standard originally created for use with 802.11 Wi-Fi. According to the PCI's summary of changes (PDF available here, see page 6), WEP may not be used in new wireless payment devices after March 31, 2009, and must be discontinued in existing implementations after June 30, 2010.
"While version 1.2 does not introduce any new major requirements to the existing 12 in place since the Council's inception, the updates do change some practices, such as the sun-setting of implementations of Wired Equivalent Privacy (WEP) wireless security by June, 2010," reads a statement from the PCI group yesterday.
The problem is that the methodology for cracking WEP has been publicly known for years; in fact, Seth Fogie explains precisely how it can be done mathematically in this InformIT article.
WEP's encryption process relied on the generation of a pseudo-random private key called the initialization vector. By itself, this 24-bit key seemed fairly effective. The problem was that the key was relatively short. As a result, if a malicious user could capture about 7 GB or more of a transmission stream, he could probably detect where the key repeats itself. That would reveal its location in the stream. What's worse, since the generation of the bits in the pseudo-random sequence used a ridiculously simple algorithm, if the hacker worked the algorithm backwards, there's a likelihood he could unravel the entire key.
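Why the short initialization vector matters, as an added example that is not from the original article: WEP keys RC4 for each frame with the 24-bit IV followed by the shared secret, so two frames that carry the same IV are encrypted with the same keystream. The secret, IVs and payloads below are constructed samples, the integrity checksum is left out, and random IV selection is an assumption (real devices vary).

```python
import random

IV_BITS = 24  # IV length given in the article

def rc4_keystream(key, n):
    """Standard RC4: key scheduling, then n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv, secret, plaintext):
    # Per-frame RC4 key is IV || secret; the IV is sent alongside the frame.
    return xor(plaintext, rc4_keystream(iv + secret, len(plaintext)))

def ciphertext_xor_equals_plaintext_xor(iv1, iv2):
    """True when two frames' ciphertexts XOR to the XOR of their plaintexts,
    i.e. the keystream cancelled out and the encryption added nothing."""
    secret = b"\x01\x02\x03\x04\x05"   # constructed 40-bit shared secret
    p1 = b"known header bytes"         # constructed payloads
    p2 = b"card data (sample)"
    c1 = wep_encrypt(iv1, secret, p1)
    c2 = wep_encrypt(iv2, secret, p2)
    return xor(c1, c2) == xor(p1, p2)

def frames_until_iv_repeat(rng):
    """Count frames sent until a randomly chosen 24-bit IV is seen twice."""
    seen = set()
    while True:
        iv = rng.getrandbits(IV_BITS)
        if iv in seen:
            return len(seen) + 1
        seen.add(iv)

if __name__ == "__main__":
    print(ciphertext_xor_equals_plaintext_xor(b"\xaa\xbb\xcc", b"\xaa\xbb\xcc"))
    print(frames_until_iv_repeat(random.Random(2008)))
```

WPA2's AES-CCMP uses a 48-bit packet number in place of the 24-bit IV, which is one reason the migration closes this particular hole.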
While the effectiveness of WEP as a privacy protection tool was widely known to have been equal to that of a fishnet against mosquitoes, financial institutions had already made significant investments in existing technology, and were unwilling to write it off. In the meantime, a cottage industry emerged in snap-on solutions that promised some form of shielding against the WEP security hole.
As that industry evolved (because it had the time to do so) it defended its own turf by convincing institutions that the long-term solution -- scuttling WEP -- may be too expensive. Witness the text of this advertisement for Motorola's AirDefense security product, which is still sold today: "There are tens of thousands of legacy WEP devices already deployed, such as wireless scanners, portable data terminals, wireless POS, VoWLAN phones, and embedded Wi-Fi clients and many may not be firmware upgradeable to stronger encryption protocols. Although wireless security professionals have long known of the need to use technologies stronger than WEP, organizations may require months or years before such a change can be fully implemented. The cost of such upgrades can be in the millions. AirDefense's WEP Cloaking technology enables companies to preserve their existing and often considerable investment in wireless devices even after their security life-span has seemingly expired."
The replacement for WEP has been available since 2003: Wi-Fi Protected Access (WPA), a standard of the Wi-Fi Alliance whose second version (WPA2) has been available for the past four years. Now, institutions that have avoided taking the plunge even though they'd known their security systems were vulnerable, if not non-existent, since before 9/11, will have 20 months to plan their migrations.