Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: The Woops of WPS (Wi-Fi Protected Setup) raises its ugly head again

17 Apr 2014   #1
A Guy

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
The Woops of WPS (Wi-Fi Protected Setup) raises its ugly head again

WPS (Wi-Fi Protected Setup) is an alternate on-ramp to a Wi-Fi network. Thinking that clicking on the name of a network and entering its password is too hard, the Wi-Fi Alliance came up with the WPS protocol back in 2007.

WPS allowed for both push-button and PIN-based access to Wi-Fi networks. Passwords? We don't need no stinking passwords.

A recent ZDNet article mentioned that the WPS protocol has been enhanced to include Near Field Communication (NFC). Now smartphones with NFC capability can join in the WPS fun. A press release from the Wi-Fi Alliance says "With the NFC method, the user connects two or more NFC-enabled products by tapping them together. Wi-Fi Protected Setup then automatically configures the network name and activates WPA2™ security."

The ZDNet article is typical of a large journalistic failure in that it omits the security issues. WPS is a huge security problem. A Wi-Fi network running WPS can be breached in a matter of hours, no matter how long or complex the Wi-Fi password is. Give the router a PIN number (usually on a sticker on the router) and it responds with the Wi-Fi password.

Change the password and WPS will happily provide the new one to anyone patient enough to ask repeatedly. Although the PIN is eight digits, a flaw in the protocol meant that bad guys only needed 11,000 guesses (CERT Vulnerability Note VU#723755 has details). Every possible PIN can be guessed in a matter of hours. After three wrong guesses, routers were supposed to pause for 60 seconds before accepting new guesses, but many did not.

A Guy

My System SpecsSystem Spec

17 Apr 2014   #2

Windows 7 64-bit, Windows 8.1 64-bit, OSX Maverick

The 11,000 attempt to crack the eight digits PIN puzzled me and seemed incorrect, since eight digits PIN has 100 million possible variation. Until I've red CVE...

The implementation of the WPS PIN isn't really eight digits, it's broken down to two four digits blocks. As such, the exploit cracks by blocks. The crack of the first block of four digits, 10,000 possible variations, runs until the WPS confirms the first half of the PIN. The second block isn't really four digits, it's only three since the fourth digit in this block used as check sum. So the crack of the second block of the three digits, 1,000 possible variation, runs until the WPS confirms the PIN. And that's where the 11,000 number came from.

It's sort of like that LM hash used to be, split in the middle...
My System SpecsSystem Spec
17 Apr 2014   #3

Windows 7 ultimate 64-bit

oh boy.....lovely....just what i wanted to hear. Why dont router manufacturers just completely do away with the wps push button system all together. Especially if it causes so many security issues. 11000 guesses does not seem like that many and im sure it probably isnt.
My System SpecsSystem Spec


 The Woops of WPS (Wi-Fi Protected Setup) raises its ugly head again

Thread Tools

Similar help and support threads
Thread Forum
Wi-Fi Protected Setup now supports NFC for tap-to-connect access
Read more at: Wi-Fi Protected Setup now supports NFC for tap-to-connect access to work, home networks | ZDNet See also: Wi-Fi CERTIFIED Wi-Fi Protected Setup? adds NFC tap-to-connect for simple set up of security-protected Wi-Fi® devices and networks | Wi-Fi Alliance
Trying to setup a Home Group - keep banging hy head against the wall
Over the last few days I've been browsing this forum trying to sort out why I can't setup a Home Group, I've read a lot of suggestions and tried them, to speed thing up a bit I thought I would ask the brains trust where I should go from here. Below is a list showing what I've done already. ...
Network & Sharing
LocalMLS Rearing it's ugly head again
So I was running out of space on my boot drive, so I ran WinDirStat. I was surprised by the HUGE size of the MS Media player Art Cache - 11.1GB worth Now I can go and clear that sucker out - I remember doing it before a year or two or more ago. I tend not to actually USE the MS Media player.....
Performance & Maintenance
Wi-Fi Protected Setup security hole discovered.
Hi Folks, read about it here.
Network & Sharing
xbox 360 head to head gaming with PC laptop
OK I searched google and here and really can't find a solid answer to this. I have even read that windows 8 might have this feature at some point. Anyway I want to play first person shooting games like black ops from my alienware against my nephew on his xbox 360. reason for this is I have...
Woops! This is embarising....
The last two versions of FF keeps posting this message after a fresh start of that browser. Don't know if it is my machine or the browser. Any history on this from other users? :D
Browsers & Mail

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 15:57.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App