WiFi Direct Printing & How It Works
Move over, Bluetooth (BT). You’ve been replaced by WiFi Direct, a peer-to-peer (P2P) wireless application used for connectivity to printers and other peripherals such as speakers, headphones, mice and keyboards. WiFi Direct even enables Near-field communication (NFC). In this episode, the IAG looks at WiFi Direct printing and how it works. Spoiler alert—you’ll like it better than BT.
What is WiFi Direct?
WiFi Direct is essentially an on-demand ad-hoc wireless network which uses “soft” access points (APs) instead of “hard” APs like routers. Thus, it’s software-driven rather than hardware-based. It simplifies connectivity between devices by allowing them to bypass a router and instead communicates on a P2P basis.
In other words, WiFi Direct is “single-hop” communication, just like BT. But while BT speeds top out at 2.1 Mbps, WiFi Direct speeds match whatever device it’s embedded into—802.11 a/b/g/n/ac/x.
WiFi Direct doesn’t need an Internet connection and only one device has to be enabled with WiFi Direct for pairing to occur (unlike BT, which requires both).
One would expect that the Wi-Fi Alliance to add an amendment to IEEE 802.11 addressing WiFi Direct. Surprisingly, it didn’t. However, WiFi Direct-capable devices do come with a “certification mark,” which means that certified devices can “discover, connect and do in a single step… implement(ing) interoperable services for several common tasks.”
Finding a WiFi Direct-capable device is usually straightforward. When searching for available wireless networks, users will readily recognize a WiFi Direct device because its SSID starts with “Direct,” followed by a product number or name.
WiFi Direct and Security
According to the WiFi Alliance, WiFi Direct transmissions are “protected” by WPA2. (See our take on WPA2 here.)
WiFi Direct transacts connections between devices using the “WiFi Protected Setup” (WPS) protocol, a wireless network security standard that includes a network name (SSID). It works only on password-enabled WLANs encrypted with WPA/WPA2 algorithms, meaning that if you’re still using WEP (DON’T!), WiFi Direct won’t work on your device.
For those truly concerned with adequately protecting data and files, the IAG advises users to forego WiFi Direct altogether since it has serious vulnerabilities—no matter what method one uses to pair devices.
WiFi Direct is particularly at risk if simultaneously used while the device is connected to two different network devices—e.g., a router and a paired device—at the same time. Chances are that on your home router, the manufacturer has enabled WPS by default.
In doing so, your router exposes your WLAN to cyberattacks. Worse, on some routers, users can’t disable WPS. Even on some that “do,” the manufacturer still enables WPS unbeknownst to the user. To complicate matters, some routers offer only an “enable/disable” choice without allowing the user to select an authentication method.
WPS uses two different WiFi Direct connections: persistent and temporary. Intuitive reader that you are, you immediately grasp that persistent connections store data on devices for repeated retrieval when necessary.
Temporary connections cannot automatically reconnect; they need input such as sign-ins, SSIDs, PINs, etc. whenever they’re made. And, as you’ve already no doubt surmised, temporary WiFi connections are more secure (a relative term, to be sure) than persistent ones.
In case you’re wondering, BT is hardly a secure alternative to WiFi Direct. As more black hats search BT’s (admittedly lengthy) standard for ways to crack into it, more vulnerabilities will be discovered.
Three Methods to Connect WPS
Below are the three methods used to connect WiFi Direct. Some are more insecure than others but none offer enterprise-level security. Caveat emptor.
1. Push-button configuration (PBC): This button can either be physical or software-based. On a router, one will generally find a physical WPS button on the back of the device next to the Ethernet ports. Note that during the setup/pairing process, rogue devices in range could join the network. This is an optional approach, meaning the WiFi Alliance doesn’t require devices to include this setup mode.
2. PIN entry: All WPS-enabled devices require an 8-digit PIN code for network access, which is either fixed or dynamic. Users cannot change the PIN. Once the “registrar” device detects the presence of a new WiFi device, it queries for the PIN. In PIN entry mode, the WPS network encrypts data and authenticates network devices. The standard requires that all WPS-enabled devices include this mode.
3. Near-field Communication (NFC). This mode interface can transfer network settings to a new device with the use of manual PIN code entry. The Wi-Fi Alliance claims that this “method provides strong protection against adding an unintended device to the network.” Like PBC, it too is an optional setup mode.
Cracking WiFi Direct
The use of an 8-digit PIN code leaves WiFi Direct vulnerable to brute-force attacks.
An 8-digit PIN has a maximum of 100 million possible combinations (108). But since the eighth digit is a checksum for the previous 7 digits, the possible combinations aren’t 100 million but 10 million (107). If all possible combinations are tried at 1 PIN/second, the code will be cracked in no more than 115.7 days.
Reasonable security, right? Wrong. WiFi Direct actually relays the 8-digit code in two 4-digit halves, which are then independently verified. Thus, a black hat doesn’t have to crack a 7-digit code, just a 4-digit code and a 3-digit code.
The first has a possible 10,000 (104) possible combinations which, at a rate of 1 PIN/second, can be tested in 2.7 hours. The second, with only 1,000 (103) combinations (thanks to the checksum digit) can be tried in just 16 minutes. So, instead of nearly four months, an intruder can crack a WiFi Direct PIN code in 3 hours using brute force.
Due to security concerns, many organizations have directed users to disable devices with WiFi Direct. For example, in 2017 the University of Las Vegas-Nevada (UNLV) ordered the owners of HP WiFi Direct-enabled printers to disable the option. UNLV considers them “unapproved” APs, citing the devices as “security risks” and providing “poor campus WiFi experiences.”
Now you know why many experts implore WiFi users to disable WiFi Direct or even better, don’t use WiFi Direct-enabled routers at all.
Direct WiFi Printing
Having done our best to deter you from using WiFi Direct, the IAG realizes that convenience and utility sometimes override the desire for absolute cybersecurity. So, if you’ve safeguarded your WLAN from would-be hackers, let’s look at ‘Wi-Fi Direct Print,’ which “gives users the ability to print documents directly from a smartphone, tablet or PC with a single command.”
Of course, it’s a snap to connect a printer to a PC or a laptop with an Ethernet cable. Connecting printers with WiFi Direct is simple, too.
In most cases, connecting is nothing more than enabling a printer’s WiFi Direct capability, clicking on the wireless icon in the computer’s systray menu, choosing the printer from the list of available wireless networks and entering the printer’s password. Users may need to install a printer driver when initially setting up WiFi Direct.
You’ll also find the same ease of connectivity in mobile device platforms like Android and iOS. Since version 2.3 (Gingerbread), Android devices have supported WiFi Direct. Apple brands WiFi Direct as “Airdrop” or “Airplay,” and began including WiFi Direct on iOS 7.
Windows too has native WiFi Direct, beginning with the Vista OS. And WiFi Direct works on the mac OS as well.
A typical application for WiFi Direct printing would be printing color photos. Large or high-resolution images generally have sizable file sizes. WiFi Direct needs much less time to print compared to BT since the former transfers large amounts amount of data much faster.
To demonstrate the ease of setting up WiFi Direct, look at this video showing how to print from iOS to an HP printer:
It’s not just print files that can take advantage of WiFi Direct. P2P offline file-sharing apps like Google Files, Flashshare and Xender can also avail of WiFi Direct connectivity. And WiFi Direct is more ubiquitous than one might think. In addition to Apple “rebranding” WiFi Direct, Samsung (“Allshare”) and Google (“Chromecast”) have, too.
To be fair, Bluetooth does have one advantage over WiFi Direct: the latest version (5.0) of Bluetooth Low Energy (BLE) uses much less power than WiFi Direct.
This means BLE is more appropriate for IoT devices and portable devices with limited battery storage. BLE can operate on as little as 10 mW of power while WiFi Direct may use as much as 20 W. Let your smart refrigerator use BLE while you use WiFi Direct to print off your .pdfs.