The security issues with WAP
Written By: Dan Zrobok
Date: 03/26/2001
Email: zrobokd@mcmaster.ca
The goal of this document is to describe the Wireless Application Protocol (WAP) and the security issues that it presents. In order to discuss the protocol suite accurately, an overview of the system is given first. That section describes the system at a basic level and the various services that WAP provides. The second part of the report discusses the security issues that are present in the specifications and in various implementations. The final section puts these vulnerabilities in perspective with regard to how the limitations of WAP can affect the wireless Internet revolution.
What is WAP?
In order to discuss the security problems present in the protocol suite, the suite itself must first be explained. WAP is a set of protocols and specifications intended to allow Internet content to be served to wireless clients. These specifications are controlled by the WAP Forum (www.wapforum.org) and can be freely downloaded in PDF format. WAP is similar in design to the TCP/IP protocol stack in that there are 6 abstraction levels that each perform unique tasks. The highest level is the Wireless Application Environment layer. This layer provides the application interface to the protocol suite. One of these interfaces is the Wireless Markup Language (WML). WML is similar to HTML but is optimized for hand-held mobile terminals. Most of the content that is served to the wireless device is in WML. The reason for not using HTML is that the size and resolution of the display on a cell phone are vastly different from those of a monitor. Space is at a premium, so WAP forces content providers to re-write their applications to generate simpler code that the device will be able to display adequately. The next layer is the Wireless Session Protocol (WSP). This layer provides the ability to manage sessions and also provides HTTP 1.1 functionality. The third layer is the Wireless Transaction Protocol (WTP). This layer provides transaction capabilities similar to standard TCP. The fourth is Wireless Transport Layer Security (WTLS). WTLS is the focus of this report, as it provides the security mechanisms for WAP, so it will be evaluated in greater detail later. The fifth layer is the Wireless Datagram Protocol (WDP). This layer provides a common transport interface for the variety of different network types that the wireless device can be operating on. The final layer is called the Bearers layer. This layer is the actual network that the wireless service provider runs their system on. Supported bearers include CDMA and GSM, and more bearers are added as new network types are created or modified. By using this layering approach, WAP can provide the same services regardless of the underlying "physical" network that the provider uses.
These layers describe how information is sent to and received from the wireless device, but they do not describe how the WAP device can access the Internet (remember that the two are not immediately compatible with each other).
The solution to this problem is the use of "WAP Gateways". To better explain the operation of the gateway, the typical steps that a WAP device goes through in order to connect to the Internet will be given.
WAP Gateways
When a wireless device wants to retrieve an Internet resource, it checks to see if it already has an open Internet connection. If so, it uses it. If not, it dials a dial-in server using the Point-to-Point Protocol (PPP). The PPP server assigns the device an IP address and then passes the connection to the WAP gateway. The WAP gateway has "two" network connections, one to the wireless device and the other to the Internet. The gateway takes requests that come from the wireless device and then acts like a typical proxy server: it requests the resource from the Internet, converts the result back into WAP and sends it to the wireless device. From these actions we can see why the WAP Gateway is called a gateway: it takes information in one network's format and converts it into the equivalent request on the other network.
There are two interesting side effects of the use of a gateway that will be mentioned. The first is that if the requested resource on the Internet is not in WML or another WAP-compatible format, the gateway has the opportunity to automatically convert it into WML and send it back to the wireless device (remember that HTML is not supported by WAP). The second is that plaintext WML is not sent to the wireless device. Instead, it is compiled by the gateway into a binary format (called WMLC, or Wireless Markup Language Compressed) in order to reduce bandwidth.
The key components and ideas of WAP have been presented. The key idea to grasp is that the WAP Gateway is the only device that is actually connected to the Internet. The wireless device itself only gets back compiled data from the gateway.
Now that WAP has been adequately discussed, the focus of the report can shift to the security issues that are present in the specifications. In WAP, the security is contained in WTLS. Therefore, this is the layer that must be evaluated for security liabilities.
WTLS
The implementation of WTLS is similar to the Internet implementation of TLS (Transport Layer Security). TLS is used to encrypt the transmission between a web browser and the web server. WTLS is used to encrypt the transmission between the wireless device and the WAP gateway. The difference between the two is that WTLS was designed so that it can cope with long round-trip times, low bandwidth connections, low processing power, small memory capacities and cryptography exportation regulations. It is these differences that pose the serious security problems.
The WTLS Problem
WTLS and TLS are not compatible. To illustrate why this is such a large security concern, consider an example. A wireless user is purchasing an item from a web site that uses TLS. They fill out the form and submit their credit card information. The wireless device creates a WTLS connection to the WAP gateway. The WAP gateway recognizes that a secure channel is desired and attempts to use TLS to connect to the web site. Here a problem occurs: the WAP gateway cannot simply pass the WTLS connection along to the web server, because the server only understands TLS. The WAP gateway has only one way of making the connection work. It must decrypt the WTLS traffic and then re-encrypt it under TLS! This means that there is a point at the WAP gateway where the data the user is trying to keep secret is available unencrypted. This should definitely be a cause for alarm for anyone who values the secrecy of his or her personal information. It can be argued that this is not a large security hole because the conversion occurs in the memory of a trusted gateway computer. The rebuttal to this point is the history of TCP/IP. When that protocol suite was in its infancy, there were places where trust was assumed between two parties, but as the technology grew, users became aware that they could take advantage of this trust and exploit systems. An example of this type of behaviour is the way TCP simply created a connection every time one was requested; look at what happens today: a user can flood a server with millions upon millions of connection requests and eventually cause a denial of service. This is just one example of misplaced trust, especially early in the life cycle of a protocol suite. In the WAP case, if the gateway were ever compromised, then that hacker could have access to all of the confidential information by dumping the contents of memory into a log and then searching for known patterns that contain credit card numbers.
The solution to the problem
There is no perfect solution to this problem at this time (WAP version 1.2). The easiest solution is to only use trusted WAP Gateways. Another is to combine the WAP Gateway with the web server in what is called a WAP Server. This way the decryption of the data occurs on the computer of the party you intend it to. The problem with this solution is that a typical cell phone can only be configured with one or two gateways, and if a user wants to use another provider's services they have to change this data manually, which is very cumbersome on a cell phone.
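An added example, not from the original report, modelling the decrypt-and-re-encrypt step at the gateway described in "The WTLS Problem" and the WAP Server arrangement from the solution above. The HMAC-based toy stream cipher, the `Gateway` class and the key names are assumptions standing in for the real WTLS and TLS record layers.

```python
import hmac, hashlib, os

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a toy keystream generator (stand-in for a real record cipher).
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(12)
    return nonce + bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))

def decrypt(key: bytes, ciphertext: bytes) -> bytes:
    nonce, body = ciphertext[:12], ciphertext[12:]
    return bytes(a ^ b for a, b in zip(body, keystream(key, nonce, len(body))))

class Gateway:
    """WAP gateway: one key shared with the handset (WTLS), another with the
    web server (TLS). Between the two hops it must hold the plaintext."""
    def __init__(self, wtls_key: bytes, tls_key: bytes):
        self.wtls_key, self.tls_key = wtls_key, tls_key
        self.memory = []   # every buffer the gateway process held in the clear

    def forward(self, wtls_record: bytes) -> bytes:
        plaintext = decrypt(self.wtls_key, wtls_record)   # the "WAP gap"
        self.memory.append(plaintext)
        return encrypt(self.tls_key, plaintext)

def run_purchase(card_number: bytes, wap_server: bool):
    """Return (bytes the web server received, buffers the gateway held in clear).
    wap_server=True models the 'WAP Server' fix: gateway and web server are the
    same party, so the WTLS record is decrypted on the content provider's machine."""
    wtls_key, tls_key = os.urandom(32), os.urandom(32)
    gateway = Gateway(wtls_key, tls_key)
    handset_record = encrypt(wtls_key, card_number)
    if wap_server:
        return decrypt(wtls_key, handset_record), gateway.memory
    return decrypt(tls_key, gateway.forward(handset_record)), gateway.memory

if __name__ == "__main__":
    pan = b"4111111111111111"   # constructed sample card number
    for mode in (False, True):
        received, seen = run_purchase(pan, wap_server=mode)
        print("wap_server=%s: server got %r, gateway held %r" % (mode, received, seen))
```

In the gateway configuration `gateway.memory` is exactly what a memory dump of a compromised gateway would expose; in the WAP Server configuration it stays empty.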
There are a couple more security flaws present in the WAP specifications. These are not considered to be as severe as the gateway problem, so they will not be covered in as much detail.
Unauthenticated alert messages
In the WAP specifications, there are alert messages that are used to notify the client of a problem in sending the datagrams. Some of these alert messages are sent in plaintext and are not properly authenticated. This allows a hacker to replace an encrypted datagram with an unencrypted response, causing a truncation attack that allows arbitrary packets to be removed from the data stream.
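An added example, not from the original report, showing why a receiver must apply the same MAC and sequence checks to alert records as to data records. The record layout, field names and HMAC-SHA256 MAC are assumptions for illustration, not the WTLS wire format.

```python
import hmac, hashlib

KEY = b"session-mac-key-constructed"   # constructed sample session MAC key

def make_record(seq: int, rtype: str, payload: bytes, key: bytes = KEY) -> dict:
    mac = hmac.new(key, f"{seq}|{rtype}|".encode() + payload, hashlib.sha256).digest()
    return {"seq": seq, "type": rtype, "payload": payload, "mac": mac}

def mac_ok(rec: dict, key: bytes = KEY) -> bool:
    expected = hmac.new(key, f"{rec['seq']}|{rec['type']}|".encode() + rec["payload"],
                        hashlib.sha256).digest()
    return rec["mac"] is not None and hmac.compare_digest(rec["mac"], expected)

def receive_lenient(records):
    """Accepts any 'alert' as end of stream without checking its MAC: a bare
    plaintext alert in place of a data record cuts the stream short (truncation)."""
    data = b""
    for rec in records:
        if rec["type"] == "alert":
            return data, "closed"
        if not mac_ok(rec):
            return data, "rejected"
        data += rec["payload"]
    return data, "incomplete"

def receive_strict(records):
    """Requires a valid MAC and the expected sequence number on every record,
    alerts included; anything else is treated as tampering, not a clean close."""
    data, expected_seq = b"", 0
    for rec in records:
        if rec["seq"] != expected_seq or not mac_ok(rec):
            return data, "rejected"
        expected_seq += 1
        if rec["type"] == "alert":
            return data, "closed"
        data += rec["payload"]
    return data, "incomplete"

# Constructed stream: two data records followed by an authenticated close alert.
STREAM = [make_record(0, "data", b"amount=100;"),
          make_record(1, "data", b"confirm=yes;"),
          make_record(2, "alert", b"close_notify")]
# Same stream with the second data record replaced by an unauthenticated alert.
FORGED_ALERT = {"seq": 1, "type": "alert", "payload": b"close_notify", "mac": None}
TAMPERED = [STREAM[0], FORGED_ALERT]
```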
35-bit DES Encryption
Rather than the 40-bit DES (Data Encryption Standard) encryption it nominally offers, the WAP standard effectively uses 35-bit encryption. Each byte of DES key material carries a parity bit, so the five key bytes provide only 35 effective key bits. This reduces the key space by a factor of 32 and makes it easier for a hacker to break the encryption by brute force.
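An added example, not from the original report, that works through the 35-bit figure: DES discards the low (parity) bit of every key byte, so only 7 bits per byte reach the cipher. The function names are assumptions; the enumeration confirms the 7-bits-per-byte rule for short keys where it is feasible to try every value.

```python
from itertools import product

def set_odd_parity(key: bytes) -> bytes:
    """Return the key with each byte's low bit adjusted so the byte has odd parity,
    the convention DES implementations use for key bytes."""
    out = bytearray()
    for b in key:
        seven = b & 0xFE                 # the 7 bits DES actually uses
        ones = bin(seven).count("1")
        out.append(seven | (0 if ones % 2 else 1))
    return bytes(out)

def effective_key(key: bytes) -> bytes:
    """The key as the cipher sees it: the parity bit of each byte is dropped."""
    return bytes(b & 0xFE for b in key)

def effective_bits(key_bytes: int) -> int:
    """Key bits that influence encryption for a key of key_bytes bytes."""
    return 7 * key_bytes

def keyspace_reduction(key_bytes: int) -> int:
    """Factor by which the real key space is smaller than 8*key_bytes suggests."""
    return 2 ** (8 * key_bytes - effective_bits(key_bytes))

def count_distinct_keys(key_bytes: int) -> int:
    """Enumerate every key of the given length and count distinct DES keys.
    Feasible only for 1 or 2 bytes; the result is 128**key_bytes, not 256**key_bytes."""
    return len({effective_key(bytes(k)) for k in product(range(256), repeat=key_bytes)})

if __name__ == "__main__":
    print("5 key bytes ->", effective_bits(5), "effective bits,",
          "key space reduced by", keyspace_reduction(5))
    print("distinct 2-byte DES keys:", count_distinct_keys(2))
```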
Conclusions
WAP has become the de facto standard for wireless devices to connect to the Internet in North America. Most cell phones that can be purchased on the market today have WAP support built in. Major companies are beginning to develop WAP applications that allow people to control their finances on their WAP devices. There is a lot of money being invested in this technology.
This means that it is a standard that will be around for quite a while, because users and companies will be reluctant to abandon applications that they have already invested a great amount of time and money into, should the holes in WAP not be fixed.
WAP has the potential to lead or restrict the wireless revolution. This is why it is important to discuss the security issues that are present. Nobody is going to want to use a system where his or her personal information can be compromised. The WAP Forum must address the issues raised in this document in WAP 2.0, to make sure that information remains safe when someone uses their wireless device for confidential data transmission and thinks they are getting a secure connection from one end to the other.