The security issues with WAP
Written By: Dan Zrobok
It is the goal of this document to describe the Wireless Application Protocol (WAP) and the security issues that it presented. In order to be able to accurately discuss the protocol suite, an overview of the system will first be given. This section will discuss the system at a basic level and describe the various services that WAP provides. The second part of the report will discuss the security issues that are present in the specifications and various implementations. The final section of this document will put these vulnerabilities in perspective with regard to how the limitations of WAP can affect the wireless Internet revolution.
What is WAP?
In order to be able to discuss the security problems present in the protocol suite, the suite itself must first be explained. WAP is a list of protocols and specifications with the intent of allowing Internet content to be served to wireless clients. These specifications are controlled by the WAP Forum (www.wapforum.org) and can be freely downloaded in PDF format. WAP is similar to the design of the TCP/IP protocol stack in that there are 6 abstraction levels that perform unique tasks. The highest level is the Wireless Application Environment layer. This layer provides the application interface to the protocol suite. One of these interfaces is the Wireless Markup Language (WML). WML is similar to HTML but it is optimized for hand-held mobile terminals. Most of the content that is served to the wireless device is in WML. The reason for not using HTML is that the size and resolution of the display on a cell phone is vastly different from that of a monitor. Space is at a premium, so WAP forces content providers to re-write their applications to generate simpler code that the device will be able to adequately display. The next layer is the Wireless Session Protocol (WSP). This layer provides the ability to manage sessions and also provides HTTP 1.1 functionality. The third layer is the Wireless Transaction Protocol (WTP). This layer provides transaction capabilities similar to standard TCP. The fourth is the Wireless Transport Layer Security (WTLS). WTLS is the focus of this report as it provides the security mechanisms for WAP, so it will be evaluated in greater detail later. The fifth layer is the Wireless Datagram Protocol (WDP). This layer provides a common transport interface for the variety of different network types that the wireless device can be operating on. The final layer is called the Bearers layer. This layer is the actual method that the wireless service provider runs their system on. Supported bearers include CDMA and GSM.
More bearers are added as new network types are created or modified. By using this layering approach, WAP can provide the same services regardless of the underlying “physical” network that the provider uses. These layers describe how information is sent to and received from the wireless device, but they do not describe how the WAP device can access the Internet (remember that the two are not immediately compatible with each other).
The solution to this problem is the use of “WAP Gateways”. In order to better explain the operation of the gateway, the typical steps that a WAP device goes through in order to connect to the Internet will be given.
When a wireless device wants to retrieve an Internet resource, it checks to see if it already has an open Internet connection. If so, it uses it. If not, it dials a dial-in server using the Point-to-Point Protocol (PPP). The PPP server assigns the device an IP address and then passes the connection to the WAP gateway. The WAP gateway has “two” network connections, one to the wireless device and the other to the Internet. The gateway takes requests that come from the wireless device and then acts like a typical proxy server: the gateway requests the resource from the Internet, converts it back into WAP and sends it to the wireless device. We can see from the actions that the WAP Gateway takes why it is called a gateway. The gateway takes information from one network and its format and converts it into the equivalent request on the other network.
There are two interesting side effects of the use of a gateway that will be mentioned. The first is that if the requested resource on the Internet is not in WML or a WAP compatible format, then the gateway has the opportunity to automatically convert it into WML and send it back to the wireless device (remember that HTML is not supported by WAP). The second is that plaintext WML is not sent to the wireless device. Instead, it is compiled by the gateway into a binary format (called WMLC, or Wireless Markup Language Compressed) in order to reduce bandwidth.
The key components and ideas of WAP have been presented. The key idea to grasp is that the WAP Gateway is the only device that is actually connected to the Internet. The wireless device itself only gets back compiled data from the gateway.
Now that WAP has been adequately discussed, the focus of the report can shift to the security issues that are present in the specifications. In WAP, the security is contained in WTLS. Therefore, this is the layer that must be evaluated for security liabilities.
The implementation of WTLS is similar to the Internet implementation of TLS (Transport Layer Security). TLS is used to encrypt the transmission between a web browser and the web server. WTLS is used to encrypt the transmission between the wireless device and the WAP gateway. The difference between the two is that WTLS was designed so that it can cope with long round-trip times, low bandwidth connections, low processing power, small memory capacities and cryptography exportation regulations. It is these differences that pose the serious security problems.
The WTLS Problem
WTLS and TLS are not compatible. To best illustrate why this is such a large security concern, an example will be given. A wireless user is purchasing an item off a web site using TLS. They fill out the form and submit their credit card information. The wireless device creates a WTLS connection to the WAP gateway. The WAP Gateway recognizes that a secure channel is desired and attempts to use TLS to connect to the web site. A problem occurs. The WAP Gateway cannot simply pass the WTLS connection along to the web server because the server only understands TLS. The WAP Gateway only has one possible way of making the connections work. It must decrypt WTLS and then re-encrypt it under TLS! This means that the WAP gateway has a point where the data that the user is trying to keep secret is available un-encrypted. This should definitely be a cause for alarm for anyone that values the secrecy of his or her personal information. It can be argued that this is not a large security hole because the conversion occurs in the memory of a trusted gateway computer. The rebuttal to this point is to talk about the history of TCP/IP. When that protocol suite was in its infancy, there were parts where trust was assumed between two parties but as the technology grew, users became aware that they could take advantage of this trust and exploit systems. An example of this type of behavior can be found in the method that TCP used to simply create a connection every time that one was requested, but look at what happens today. A user could flood a server with millions upon millions of connection requests and eventually cause a denial of service error. This is just an example of misplacing trust, especially early in the life cycle of a protocol suite. In the WAP problem, if the gateway were ever compromised, then that hacker could have access to all the confidential information by dumping the contents of memory into a log and then searching for known patterns that contain credit card numbers.
The solution to the problem
There is no perfect solution to this problem at this time (WAP version 1.2). The easiest solution is to only use trusted WAP Gateways. Another is to combine the WAP Gateway into the web server in what is called a WAP Server. This way the decryption of data occurs on the computer of the party that you want it to. The problem with this solution is that a typical cell phone can only be configured with one or two gateways, and if a user wants to use another provider’s services, they have to manually change this data, which is very cumbersome on a cell phone.
There are a couple more security flaws present in the WAP specifications. These are not considered to be as severe as the gateway problem, so they will not be covered in as much detail.
Unauthenticated alert messages
In the WAP specifications, there are alert messages that are used to notify the client of a problem in sending the datagrams. Some of these alert messages are sent in plaintext and are not properly authenticated. This allows a hacker to replace an encrypted datagram with an unencrypted response, causing a truncation attack that allows arbitrary packets to be removed from the data stream.
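To show why an alert that carries no MAC lets a record stream be cut short, here is an added toy record layer (not code from the report or from any WTLS implementation). It is modelled on the TLS/WTLS idea of a sequence number and a MAC over each record; the key, the record type codes and the messages are constructed for the demonstration. The receiver with the weak policy honours any alert; the strict receiver only honours an alert whose MAC verifies, so a removed or substituted record surfaces as an error rather than a clean close.

```python
import hashlib
import hmac

# Constructed session values for the demonstration (not real WTLS keys or codes).
MAC_KEY = b"constructed-session-mac-key"
APP_DATA, ALERT = 1, 2          # record type codes chosen for this toy model
TAG_LEN = hashlib.sha256().digest_size

def make_record(seq: int, rtype: int, body: bytes, key: bytes = MAC_KEY) -> bytes:
    """Header (sequence number + type) and body are both covered by the MAC."""
    hdr = seq.to_bytes(2, "big") + bytes([rtype])
    return hdr + body + hmac.new(key, hdr + body, hashlib.sha256).digest()

def make_unauthenticated_alert(seq: int, body: bytes) -> bytes:
    """A plaintext alert with no MAC, the kind the original spec allowed."""
    return seq.to_bytes(2, "big") + bytes([ALERT]) + body

def receive(records, key: bytes = MAC_KEY, mac_alerts: bool = True):
    """Process a record stream; return (accepted bodies, how the stream ended)."""
    accepted, expected = [], 0
    for rec in records:
        seq, rtype = int.from_bytes(rec[:2], "big"), rec[2]
        if seq != expected:                      # a removed record shows up as a gap
            return accepted, "error: sequence gap"
        if rtype == ALERT and not mac_alerts:    # weak policy: trust any alert
            return accepted, "closed by unauthenticated alert"
        body, tag = rec[3:-TAG_LEN], rec[-TAG_LEN:]
        calc = hmac.new(key, rec[:3] + body, hashlib.sha256).digest()
        if not hmac.compare_digest(calc, tag):   # strict policy: no MAC, no alert
            return accepted, "error: bad MAC"
        if rtype == ALERT:
            return accepted, "closed by authenticated alert"
        accepted.append(body)
        expected += 1
    return accepted, "stream ended without close alert"
```

With the weak policy a bare alert substituted for record 1 ends the session after the first record with no indication anything was dropped; the strict policy reports a bad MAC instead.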
35-bit DES Encryption
Rather than using 40-bit DES (Data Encryption Standard) encryption, the WAP standard effectively uses 35-bit encryption. In every byte that WAP sends encrypted, there is a parity bit added. This means that there are only 35 effective key bits in five encrypted bytes. This causes a key space reduction by a factor of 32 and makes it easier for an attacker to break the encryption by brute force.
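The arithmetic behind the 40-bit to 35-bit reduction, as an added example that is not part of the original report: it assumes the five exported key bytes are standard DES key bytes, in which the low bit of each byte is an odd-parity bit derived from the other seven and so carries no secret. The exhaustive count is only run for one or two key bytes, which is enough to confirm the 7-bits-per-byte rule.

```python
import itertools

def set_odd_parity(key: bytes) -> bytes:
    """Force each byte's low bit to the DES odd-parity value; the other 7 bits are the key."""
    out = bytearray()
    for b in key:
        key_bits = b & 0xFE                          # the 7 bits DES actually uses
        odd = bin(key_bits).count("1") % 2 == 1
        out.append(key_bits | (0 if odd else 1))     # parity bit makes the byte odd
    return bytes(out)

def effective_key_bits(key_len_bytes: int) -> int:
    """Secret bits in a DES key of this many bytes: 7 per byte, parity is derived."""
    return 7 * key_len_bytes

def keyspace_reduction_factor(key_len_bytes: int) -> int:
    """Nominal keys (8 bits per byte) per effective key (7 bits per byte)."""
    return 2 ** (8 * key_len_bytes - effective_key_bits(key_len_bytes))

def count_distinct_normalized_keys(key_len_bytes: int) -> int:
    """Exhaustively confirm the count; only feasible for one or two key bytes."""
    return len({set_odd_parity(bytes(raw))
                for raw in itertools.product(range(256), repeat=key_len_bytes)})
```

For the five-byte key this gives 35 effective bits and 32 nominal keys collapsing onto each effective key, which is the factor the report quotes.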
WAP has become the de facto standard for wireless devices to connect to the Internet in North America. Most cell phones that can be purchased on the market today have WAP support built in. Major companies are beginning to develop WAP applications that allow people to control their finances on their WAP devices. There is a lot of money being invested in this technology.
This means that it is a standard that will be around for quite a while, because users and companies will be reluctant to abandon applications that they have already invested a great amount of time and money into, should the holes in WAP not be fixed.
WAP has the potential to lead or restrict the wireless revolution. This is why it is important to discuss the security issues that are present. Nobody is going to want to use a system where his or her personal information can be compromised. The WAP Forum must address the issues raised in this document in WAP 2.0 to make sure that information remains safe when someone uses their wireless device for confidential data transmission and thinks they are getting a secure connection from one end to the other.