Quick Links
By now, most people know that an open Wi-Fi network allows people to eavesdrop on your traffic. Standard WPA2-PSK encryption is supposed to prevent this from happening -- but it's not as foolproof as you might think.
This isn't huge breaking news about a new security flaw. Rather, this is the way WPA2-PSK has always been implemented. But it's something most people don't know.
Open Wi-Fi Networks vs. Encrypted Wi-Fi Networks
You shouldn't host an open Wi-Fi network at home, but you may find yourself using one in public -- for example, at a coffee shop, while passing through an airport, or in a hotel. Open Wi-Fi networks have no encryption, which means everything sent over the air is "in the clear." People can monitor your browsing activity, and any web activity that isn't secured with encryption itself can be snooped on. Yes, this is even true if you have to "log in" with a username and password on a web page after signing in to the open Wi-Fi network.
Encryption -- like the WPA2-PSK encryption we recommend you use at home -- fixes this somewhat. Someone nearby can't just simply capture your traffic and snoop on you. They'll get a bunch of encrypted traffic. This means that an encrypted Wi-Fi network protects your private traffic from being snooped on.
This is kind of true -- but there's a big weakness here.
WPA2-PSK Uses a Shared Key
The problem with WPA2-PSK is that it uses a "Pre-Shared Key." This key is the password, or passphrase, you have to enter to connect to the Wi-Fi network. Everyone that connects uses the same passphrase.
It's quite easy for someone to monitor this encrypted traffic. All they need is:
- The passphrase: Everyone with permission to connect to the Wi-Fi network will have this.
- The association traffic for a new client: If someone is capturing the packets sent between the router and a device when it connects, they have everything they need to decrypt the traffic (assuming they also have the passphrase, of course). It's also trivial to get this traffic via "deauth" attacks that forcibly disconnect a device from a Wi_Fi network and force it to reconnect, causing the association process to happen again.
Really, we can't stress how simple this is. Wireshark has a built-in option to automatically decrypt WPA2-PSK traffic as long as you have the pre-shared key and have captured the traffic for the association process.
What This Actually Means
What this actually means is that WPA2-PSK is not much more secure against eavesdropping if you don't trust everyone on the network. At home, you should be secure because your Wi-Fi passphrase is a secret.
However, if you go out to a coffee shop and they use WPA2-PSK instead of an open Wi-FI network, you might feel much more secure in your privacy. But you shouldn't -- anyone with the coffee shop's Wi-Fi passphrase could monitor your browsing traffic. Other people on the network, or just other people with the passphrase, could snoop on your traffic if they wanted to.
Be sure to take this into account. WPA2-PSK prevents people without access to the network from snooping. However, once they have the network's passphrase, all bets are off.
Why Doesn't WPA2-PSK Try to Stop This?
WPA2-PSK actually does try to stop this through the use of a "pairwise transient key" (PTK). Each wireless client has a unique PTK. However, this doesn't help much because the unique per-client key is always derived from the pre-shared key (the Wi-Fi passphrase.) That's why it's trivial to capture a client's unique key as long as you have the Wi-Fi passphrase and can capture the traffic sent via the association process.
WPA2-Enterprise Solves This... For Large Networks
For large organizations that demand secure Wi-Fi networks, this security weakness can be avoided through the use of EAP authantication with a RADIUS server -- sometimes called WPA2-Enterprise. With this system, each Wi-Fi client receives a truly unique key. No Wi-Fi client has enough information to just start snooping on another client, so this provides much greater security. Large corporate offices or government agencies should be using WPA2-Enteprise for this reason.
But this is too complicated and complex for the vast majority of people -- or even most geeks -- to use at home. Instead of a Wi-FI passphrase you have to enter on devices you want to connect, you'd have to manage a RADIUS server that handles the authentication and key management. This is much more complicated for home users to set up.
In fact, it's not even worth your time if you trust everyone on your Wi-Fi network, or everyone with access to your Wi-Fi passphrase. This is only necessary if you're connected to a WPA2-PSK encrypted Wi-Fi network in a public location -- coffee shop, airport, hotel, or even a larger office -- where other people you don't trust also have the Wi-FI network's passphrase.
So, is the sky falling? No, of course not. But, keep this in mind: When you're connected to a WPA2-PSK network, other people with access to that network could easily snoop on your traffic. Despite what most people may believe, that encryption doesn't provide protection against other people with access to the network.
If you have to access sensitive sites on a public Wi-Fi network -- particularly websites not using HTTPS encryption -- consider doing so through a VPN or even an SSH tunnel. The WPA2-PSK encryption on public networks isn't good enough.
Image Credit: Cory Doctorow on Flickr, Food Group on Flickr, Robert Couse-Baker on Flickr