We were recently called out to a client to help connect their new point of sale (PoS) to their wireless network. We recently did a strip-and-rebuild of this client’s network and implemented a cutting-edge primary firewall (and two other firewalls) as well as various other Industry Standard+ (that’s our term for a step above industry standards) network security practices. One of these was segregating their wireless network from the rest of their network. Given that the scope of the project was to be HIPAA compliant, ensuring there are strict divides as to where data resides and how it travels was utterly essential. As we all should be aware, two of the most vulnerable locations in your network are 1) your wireless network and 2) physical access to your critical LAN infrastructure.
This client’s wireless network is physically separate from their secure LAN on a Layer 1 level (learn about network layers here: What is the OSI Model?). The only possible way to hop the network would be to establish some form of a VPN or IPSec tunnel to the other net (which can only be done with direct access to a device on both networks as well as having admin access to 3 firewalls and/or by disabling the firewalls or by physically connecting the two networks – in a nutshell, possible, but not an easy task by any means).
Another security practice we implemented was to ensure all communication within their network is encrypted, meaning that if anyone were able to break in and sniff around, they wouldn’t be able to read or access the data being transmitted. This is accomplished by way of cryptographic hardware such as AES-NI or crypto devices. Ideally, when using a publicly facing peripheral (such as a wireless access point), you would want this peripheral secured similarly.
In terms of securing a Wireless Access Point (WAP [no, not like the song]), there are multiple methods and some include:
- Changing default passwords and using unique and complex passwords for both Access and administration with a rotation schedule.
- Restricting access by implementing various types of access control lists (ACLs), by MAC, IP, or username and password authentication, or a combination of these.
- Protecting the SSID by disabling SSID Broadcasting
- Encrypting Data Within the Network via an Encryption Protocol (WPA, WPA2, WPA3, etc.)
- Implementing a Firewall
- Restricting File Sharing
What Is Wireless Encryption and How Does It Work?
The most common form of wireless encryption is Wi-Fi Protected Access, otherwise known as WPA. WPA was an intermediate measure developed by the Wi-Fi Alliance to take the place of WEP (Wired Equivalent Privacy) until IEEE 802.11i became the standard. IEEE 802.11i is also known as WPA2. We won’t dive into the details of these specific protocols, but will instead break them down:
WEP – Wired Equivalent Privacy was the first encryption protocol designed for wireless networks. As its name suggests, it was designed to provide the same level of security as a wired network. The protocol was poorly designed and left the door open to many security vulnerabilities; it was a pain to configure, and it was easily broken.
WPA – Wi-Fi Protected Access was quickly released as a “patch” over WEP while a 2nd-generation protocol was being developed. WPA uses a pre-shared key (PSK) or the Temporal Key Integrity Protocol (TKIP) for encryption. Techopedia best describes a pre-shared key by likening it to a simple book cipher of the early to mid-millennium:
Recipients used the pre-shared key to decode messages sent encrypted in the printed pages of a book. The key was often a book in which both the sender and receiver could measure equidistant letter sequence markings. The key could be delivered in person. After that, the sender could send a set of numbers corresponding to an equidistant sequence matching the letters in the book. Without the underlying book, the pre-shared key, the set of numbers would defy analysis or code-breaking. The code was not a cipher, then, but a reference to the pre-shared key itself.
In a nutshell, this pre-shared key unlocks the data being transmitted over the wireless network. Starting to connect the dots? If not, here’s the nutshell:
Every byte of data being transmitted over a wireless network can be captured, regardless of whether someone has the Wi-Fi password/key or not. However, without the password/key, they can’t necessarily read the data.
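To make the “pre-shared key unlocks the data” point concrete: on a WPA/WPA2-PSK network the pairwise master key (PMK) that every session key is built from is derived purely from the passphrase and the SSID (PBKDF2-HMAC-SHA1, 4096 iterations, 256 bits, as specified in IEEE 802.11). The following is an added example, not code from the original post or from any vendor mentioned here; the passphrase, SSID and station MACs are constructed sample values, and the first test vector (“password” / “IEEE”) is the one published in the 802.11 standard.

```python
import hashlib


def wpa_psk_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2-PSK pairwise master key.

    PMK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes).
    Nothing about the individual station enters this calculation.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def pmk_per_station(passphrase: str, ssid: str, station_macs: list[str]) -> dict[str, str]:
    """Map each station MAC to the PMK it would end up holding on a PSK network.

    Because the derivation ignores the station, every entry is identical: the
    'session secret' the Cisco quote later on this page refers to is shared by
    every device that knows the passphrase, and it only changes when the
    passphrase (or SSID) is rotated.
    """
    return {mac: wpa_psk_pmk(passphrase, ssid).hex() for mac in station_macs}


def rotation_changes_pmk(old_passphrase: str, new_passphrase: str, ssid: str) -> bool:
    """True when rotating the passphrase actually produces a different PMK."""
    return wpa_psk_pmk(old_passphrase, ssid) != wpa_psk_pmk(new_passphrase, ssid)


if __name__ == "__main__":
    # Constructed sample network: two PoS terminals and a laptop on one SSID.
    macs = ["02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"]  # constructed
    table = pmk_per_station("correct horse battery staple", "RetailFloor", macs)
    for mac, pmk in table.items():
        print(mac, pmk)
    print("all stations share one PMK:", len(set(table.values())) == 1)
    print("rotation changes PMK:", rotation_changes_pmk("correct horse battery staple", "new passphrase 2024", "RetailFloor"))
```

This is why a PSK rotation schedule (listed earlier on this page) matters on a PSK network, and why an enterprise (802.1X) deployment, where the authentication server hands each station its own PMK, is the stronger option for payment devices.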
So, what does this have to do with my second-generation Clover Flex?
In this article I posted on the Clover forum, I detail an issue I ran into connecting this “new and improved” PoS to this client’s wireless network. The wireless network we implemented for this client used strict AES encryption. Strict AES encryption is the preferred encryption method without moving to an enterprise-level solution which also includes strict AES encryption, just with more “layers” to peel back.
What is AES Encryption? AES stands for Advanced Encryption Standard. AES is a symmetric block cipher chosen by the United States Government to protect classified information. AES was specifically developed for the U.S. Government by the National Institute of Standards and Technology, initially in 1997, which stated it would be unclassified and is “capable of protecting sensitive government information well into the [21st] century.” It was designed to be easy to integrate within hardware, software, and restricted environments, and is able to offer a decent defense against a multitude of attack vectors. You can learn more about AES here.
What is TKIP Encryption? Comparitech explains it best: According to Wikipedia, TKIP was designed to “replace” the then vulnerable WEP “standard” without having to make changes to the hardware that was running the Wired Equivalent Privacy (WEP) standard. It uses the RC4 cipher. Network World explains TKIP does not actually replace WEP; it is a “wrapper”. Unfortunately, it is wrapped around the fundamentally unsafe WEP, the reason being it was intended as a temporary measure, because nobody wanted to throw away all the hardware investments they had made, and it was able to be quickly deployed. The lattermost reason was enough for vendors and business managers to embrace it enthusiastically. In its day, TKIP hardened WEP security by:
- Mixing a base key, the MAC address of an Access Point (AP), and a packet serial number – “The mixing operation is designed to put a minimum demand on the stations and access points, yet have enough cryptographic strength so that it cannot easily be broken.”
- Increasing the key length to 128 bits – “This solves the first problem of WEP: a too-short key length.”
- Creating a unique 48-bit serial number which is incremented for each packet sent so no two keys are the same – “This solves another problem of WEP, called “collision attacks,” which can occur when the same key is used for two different packets.”
- Reducing the risk of replay attacks with the expanded initialization vector (IV) mentioned above – “Because a 48-bit sequence number will take thousands of years to repeat itself, no one can replay old packets from a wireless connection—they will be detected as out of order because the sequence numbers won’t be right.”
How vulnerable is TKIP? According to Cisco, TKIP is vulnerable to packet decryption by an attacker. However, only the authentication key can be stolen by an attacker, not the encryption key. There is a downside when TKIP is used with PSK. “With 802.1X authentication, the session secret is unique and transmitted securely to the station by the authentication server; when using TKIP with pre-shared keys, the session secret is the same for everyone and never changes—hence the vulnerability of using TKIP with pre-shared keys.” Read The TKIP Hack here.
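The practical question raised by this section and by the Clover incident below is: what is my access point actually advertising? An AP announces its ciphers in the RSN information element (WPA2/WPA3, element ID 48) and, for legacy WPA, in a Microsoft vendor-specific element (ID 221, OUI 00:50:F2, type 1) of every beacon and probe response. The following is an added example, not code from the original post or from Netgear, Clover or pfSense: a small parser for those two elements plus an audit function that flags any TKIP or WEP cipher, which is exactly the regression the author had to introduce to get the Flex online. The three element byte strings are constructed samples (strict WPA2-PSK/AES, WPA2 mixed mode, and WPA v1), and the cipher and AKM type numbers are the values assigned in IEEE 802.11.

```python
import struct

RSN_OUI = b"\x00\x0f\xac"   # IEEE 802.11 RSN suite selectors
WPA_OUI = b"\x00\x50\xf2"   # Microsoft OUI used by the original WPA element

# Cipher suite type numbers from IEEE 802.11 (same numbering for both OUIs).
CIPHER_NAMES = {1: "WEP-40", 2: "TKIP", 4: "CCMP-128 (AES)", 5: "WEP-104",
                8: "GCMP-128", 9: "GCMP-256", 10: "CCMP-256"}
# Authentication and key management (AKM) suite types.
AKM_NAMES = {1: "802.1X", 2: "PSK", 8: "SAE (WPA3)"}
WEAK_CIPHERS = {"WEP-40", "WEP-104", "TKIP"}


def _suite_name(suite: bytes, names: dict) -> str:
    oui, typ = suite[:3], suite[3]
    if oui not in (RSN_OUI, WPA_OUI):
        return f"vendor({oui.hex()}:{typ})"
    return names.get(typ, f"unknown({typ})")


def _parse_suites(body: bytes, pos: int):
    """Parse a little-endian 16-bit count followed by that many 4-byte suite selectors."""
    (count,) = struct.unpack_from("<H", body, pos)
    pos += 2
    suites = [body[pos + 4 * i: pos + 4 * i + 4] for i in range(count)]
    return suites, pos + 4 * count


def parse_security_ie(ie: bytes) -> dict:
    """Decode one RSN (ID 48) or WPA v1 vendor (ID 221, OUI 00:50:F2, type 1) element."""
    eid, length = ie[0], ie[1]
    body = ie[2:2 + length]
    if len(body) != length:
        raise ValueError("truncated information element")
    if eid == 48:
        kind, pos = "WPA2/RSN", 0
    elif eid == 221 and body[:4] == WPA_OUI + b"\x01":
        kind, pos = "WPA (v1)", 4          # skip OUI + vendor type
    else:
        raise ValueError("not an RSN or WPA information element")
    (version,) = struct.unpack_from("<H", body, pos)
    pos += 2
    group, pos = body[pos:pos + 4], pos + 4
    pairwise, pos = _parse_suites(body, pos)
    akms, pos = _parse_suites(body, pos)
    return {
        "type": kind,
        "version": version,
        "group_cipher": _suite_name(group, CIPHER_NAMES),
        "pairwise_ciphers": [_suite_name(s, CIPHER_NAMES) for s in pairwise],
        "akm": [_suite_name(s, AKM_NAMES) for s in akms],
    }


def audit(ie: bytes) -> list:
    """Return policy findings for one element; an empty list means AES-only WPA2/WPA3."""
    info = parse_security_ie(ie)
    findings = []
    if info["type"] == "WPA (v1)":
        findings.append("WPA (v1) advertised")
    if info["group_cipher"] in WEAK_CIPHERS:
        findings.append(f"weak group cipher: {info['group_cipher']}")
    for cipher in info["pairwise_ciphers"]:
        if cipher in WEAK_CIPHERS:
            findings.append(f"weak pairwise cipher: {cipher}")
    return findings


# Constructed sample elements (hand-assembled, not captured from any real AP).
STRICT_WPA2_IE = bytes.fromhex("3014" "0100" "000fac04" "0100" "000fac04" "0100" "000fac02" "0000")
MIXED_WPA2_IE = bytes.fromhex("3018" "0100" "000fac02" "0200" "000fac04" "000fac02" "0100" "000fac02" "0000")
WPA1_IE = bytes.fromhex("dd16" "0050f201" "0100" "0050f202" "0100" "0050f202" "0100" "0050f202")

if __name__ == "__main__":
    for label, ie in [("strict", STRICT_WPA2_IE), ("mixed", MIXED_WPA2_IE), ("wpa1", WPA1_IE)]:
        print(label, parse_security_ie(ie), audit(ie) or "OK")
```

In practice the element bytes come from a beacon captured with a monitor-mode card or read via `iw dev <ifname> scan` (which already prints the RSN ciphers), and the finding list feeds an alert: on hostapd-based APs the fix is `wpa_pairwise=CCMP` / `rsn_pairwise=CCMP` rather than a list that includes `TKIP`; on consumer gear like the Netgear in the post it is the “WPA2-PSK [AES]” setting rather than the “WPA-PSK [TKIP] + WPA2-PSK [AES]” mixed mode.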
Below is what we shared with Clover in hopes they will implement a fix.
Client switched retail merchants and received a new Flex POS. Their old device was the original (I believe) 1st Gen Flex. I’ll refer to the 1st-gen Flex as “Flex A” and the new 2nd-gen Clover as “Flex B”.
The wireless access point used in this environment is a NETGEAR R7960P running the latest Netgear Firmware (V18.104.22.168_1.3.28). The wireless network is (was) broadcasting on 2.4GHz b/g/n as well as 5GHz a/n/ac with strict WPA2-PSK AES encryption and is located less than 15 feet from the Clover device(s). This wireless network is also secured by a captive portal using LDAP authentication and numerous firewall rules via a latest-stable-release pfSense edge device. Flex A had zero issues working with this network configuration, with authentication being handled via a MAC & IP-based ACL on the firewall via the captive portal.
Upon receiving the new Flex (Flex B), configuring the firewall to allow the device on the network should have been as easy as adjusting the MAC/IP ACL. However, this proved not as easy.
After several hours of troubleshooting, stripping down my wireless firewall(s), numerous Clover Support remote sessions, a factory reset, a new device overnighted, and more hours of further frustration, I just so happened to stumble upon the problem by chance: I reconfigured the wireless access point encryption to accept WPA-PSK TKIP – an older and less secure method of wireless encryption – and voila.
As an advocate for privacy and security online, I find this discovery to be a bit disconcerting, especially so when dealing with sensitive customer data and PCI (and HIPAA in some cases) compliance. I highly encourage developers of the 2nd-gen Flex to allow only AES-encrypted (or better) connection methods. I have yet to confirm whether the device is strictly using TKIP encryption. Could this be a specific wireless access point hardware/software issue? Possibly. I have yet to test other hardware with the 2nd-gen device. This is next on my list, as I cannot allow my client to use hardware and methods that have known vulnerabilities such as TKIP encryption.
We’ll update this post as we learn more and hopefully receive some insight back from Clover in the coming days.