Printed from http://www.electronista.com

Crack breaks WPA-encrypted Wi-Fi in 1 minute

updated 10:45 pm EDT, Thu August 27, 2009

WPA 1 Minute Hack

Japanese researchers today revealed that they have developed a crack that can break WPA (Wireless Protected Access) encryption on a Wi-Fi network within a minute. Kobe University's Masakatu Morii and Hiroshima University's Toshihiro Ohigashi together developed a practical attack that exploits a vulnerability in the Temporal Key Integrity Protocol, or TKIP, that underlines WPA. While not providing full details of the attack for security reasons, the new approach is much faster than a previous technique that took between 12 and 15 minutes to expose the network.

The creators of the technique stressed that it won't work with WPA2, the second-generation wireless encryption method that uses the much toucher Advanced Encryption Standard (AES) at its root. AES is frequently used for safeguarding permanent storage, such as on some flash drives and in Apple's FileVault for Mac OS X. Virtually all routers and end devices that support 802.11g and 802.11n also support WPA2.

More details should become public at a Hiroshima conference on September 25th. There are no indications of a likely patch for routers or other Wi-Fi equipment.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. lkrupp

    Junior Member

    Joined: May 2001

    +1

    So what!

    Most users are clueless and don't have ANY wireless encryption turned on in the first place. It's too much for their feeble minds to comprehend.

  1. testudo

    Forum Regular

    Joined: Aug 2001

    -3

    Re: So what!

    Or they just don't believe it is important.

    My brother laughs at everyone in my family with encryption turned on, and he ran an ISP where he lived for a long time, and has been working in computers for 30 years.

  1. ggirton

    Fresh-Faced Recruit

    Joined: Nov 1999

    +2

    incorrectamundo!

    A walk through a surburban neighborhood with the dog, checking out the various home networks on my iPod Touch, reveals that most users DO have their encryption turned ON.

    In any urban area, ALL networks are typically encrypted, except of course for that of Testudo's wise old brother, who probably wonders from time to time why his network connection is slow, but then blames it on the cable company instead of the torrenting teenagers next door!

  1. elitree

    Fresh-Faced Recruit

    Joined: Aug 2009

    +4

    small correction

    When the original TKIP crack came out last year, there was a lot of misinformation about WPA being insecure and WPA2 being completely secure. This article seems to have carried forward some of the misinformation.

    The TKIP protocol, which makes use of an not-secure-enough RC4 cipher, was required for inclusion in all WPA-certified routers. WPA-certified routers did not require the CCMP protocol, which uses the secure AES cipher. However, many (most?) WPA routers still included the CCMP protocol, even though it wasn't required for WPA certification.

    WPA2 certification, on the other hand, requires routers to include the secure CCMP protocol, but most (all?) WPA2 routers still included the insecure TKIP protocol.

    In other words, both insecure TKIP and secure CCMP are available for use on most WPA and WPA2-certified routers out there, and it's up to the router users to ensure that CCMP, not TKIP, is in use as the encryption protocol. But WPA is no less secure than WPA2--it's TKIP that's less secure than CCMP.

    See Security Now! Episode 170 for more detailed info.... thanks!

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Tablo DVR

With over-the-top content options growing past Hulu and Netflix, consumers may be finding it harder to justify paying a monthly fee fo ...

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bringi ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this y ...

Sponsor

toggle

Most Commented

 
toggle

Popular News