Printed from

Crack breaks WPA-encrypted Wi-Fi in 1 minute

updated 10:45 pm EDT, Thu August 27, 2009

WPA 1 Minute Hack

Japanese researchers today revealed that they have developed a crack that can break WPA (Wireless Protected Access) encryption on a Wi-Fi network within a minute. Kobe University's Masakatu Morii and Hiroshima University's Toshihiro Ohigashi together developed a practical attack that exploits a vulnerability in the Temporal Key Integrity Protocol, or TKIP, that underlines WPA. While not providing full details of the attack for security reasons, the new approach is much faster than a previous technique that took between 12 and 15 minutes to expose the network.

The creators of the technique stressed that it won't work with WPA2, the second-generation wireless encryption method that uses the much toucher Advanced Encryption Standard (AES) at its root. AES is frequently used for safeguarding permanent storage, such as on some flash drives and in Apple's FileVault for Mac OS X. Virtually all routers and end devices that support 802.11g and 802.11n also support WPA2.

More details should become public at a Hiroshima conference on September 25th. There are no indications of a likely patch for routers or other Wi-Fi equipment.

By Electronista Staff
Post tools:




  1. lkrupp

    Junior Member

    Joined: May 2001


    So what!

    Most users are clueless and don't have ANY wireless encryption turned on in the first place. It's too much for their feeble minds to comprehend.

  1. testudo

    Forum Regular

    Joined: Aug 2001


    Re: So what!

    Or they just don't believe it is important.

    My brother laughs at everyone in my family with encryption turned on, and he ran an ISP where he lived for a long time, and has been working in computers for 30 years.

  1. ggirton

    Fresh-Faced Recruit

    Joined: Nov 1999



    A walk through a surburban neighborhood with the dog, checking out the various home networks on my iPod Touch, reveals that most users DO have their encryption turned ON.

    In any urban area, ALL networks are typically encrypted, except of course for that of Testudo's wise old brother, who probably wonders from time to time why his network connection is slow, but then blames it on the cable company instead of the torrenting teenagers next door!

  1. elitree

    Fresh-Faced Recruit

    Joined: Aug 2009


    small correction

    When the original TKIP crack came out last year, there was a lot of misinformation about WPA being insecure and WPA2 being completely secure. This article seems to have carried forward some of the misinformation.

    The TKIP protocol, which makes use of an not-secure-enough RC4 cipher, was required for inclusion in all WPA-certified routers. WPA-certified routers did not require the CCMP protocol, which uses the secure AES cipher. However, many (most?) WPA routers still included the CCMP protocol, even though it wasn't required for WPA certification.

    WPA2 certification, on the other hand, requires routers to include the secure CCMP protocol, but most (all?) WPA2 routers still included the insecure TKIP protocol.

    In other words, both insecure TKIP and secure CCMP are available for use on most WPA and WPA2-certified routers out there, and it's up to the router users to ensure that CCMP, not TKIP, is in use as the encryption protocol. But WPA is no less secure than WPA2--it's TKIP that's less secure than CCMP.

    See Security Now! Episode 170 for more detailed info.... thanks!

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

Seagate Wireless

It seems like no matter how much internal storage is included today's mobile devices, we, as users, will always find a way to fill the ...

Lenovo Yoga Tablet 2 (Android, 10.1-inch)

Lenovo is building a bigger name for itself year after year, including its devices expanding beyond desktop computers. The company's l ...

Brother HL-L8250CDN Color Laser Printer

When it comes to selecting a printer, the process is not exactly something most people put a lot of thought into. Printers are often t ...



Most Commented


Popular News