Printed from

Crack breaks WPA-encrypted Wi-Fi in 1 minute

updated 10:45 pm EDT, Thu August 27, 2009

WPA 1 Minute Hack

Japanese researchers today revealed that they have developed a crack that can break WPA (Wireless Protected Access) encryption on a Wi-Fi network within a minute. Kobe University's Masakatu Morii and Hiroshima University's Toshihiro Ohigashi together developed a practical attack that exploits a vulnerability in the Temporal Key Integrity Protocol, or TKIP, that underlines WPA. While not providing full details of the attack for security reasons, the new approach is much faster than a previous technique that took between 12 and 15 minutes to expose the network.

The creators of the technique stressed that it won't work with WPA2, the second-generation wireless encryption method that uses the much toucher Advanced Encryption Standard (AES) at its root. AES is frequently used for safeguarding permanent storage, such as on some flash drives and in Apple's FileVault for Mac OS X. Virtually all routers and end devices that support 802.11g and 802.11n also support WPA2.

More details should become public at a Hiroshima conference on September 25th. There are no indications of a likely patch for routers or other Wi-Fi equipment.

By Electronista Staff
Post tools:




  1. lkrupp

    Junior Member

    Joined: May 2001


    So what!

    Most users are clueless and don't have ANY wireless encryption turned on in the first place. It's too much for their feeble minds to comprehend.

  1. testudo

    Forum Regular

    Joined: Aug 2001


    Re: So what!

    Or they just don't believe it is important.

    My brother laughs at everyone in my family with encryption turned on, and he ran an ISP where he lived for a long time, and has been working in computers for 30 years.

  1. ggirton

    Fresh-Faced Recruit

    Joined: Nov 1999



    A walk through a surburban neighborhood with the dog, checking out the various home networks on my iPod Touch, reveals that most users DO have their encryption turned ON.

    In any urban area, ALL networks are typically encrypted, except of course for that of Testudo's wise old brother, who probably wonders from time to time why his network connection is slow, but then blames it on the cable company instead of the torrenting teenagers next door!

  1. elitree

    Fresh-Faced Recruit

    Joined: Aug 2009


    small correction

    When the original TKIP crack came out last year, there was a lot of misinformation about WPA being insecure and WPA2 being completely secure. This article seems to have carried forward some of the misinformation.

    The TKIP protocol, which makes use of an not-secure-enough RC4 cipher, was required for inclusion in all WPA-certified routers. WPA-certified routers did not require the CCMP protocol, which uses the secure AES cipher. However, many (most?) WPA routers still included the CCMP protocol, even though it wasn't required for WPA certification.

    WPA2 certification, on the other hand, requires routers to include the secure CCMP protocol, but most (all?) WPA2 routers still included the insecure TKIP protocol.

    In other words, both insecure TKIP and secure CCMP are available for use on most WPA and WPA2-certified routers out there, and it's up to the router users to ensure that CCMP, not TKIP, is in use as the encryption protocol. But WPA is no less secure than WPA2--it's TKIP that's less secure than CCMP.

    See Security Now! Episode 170 for more detailed info.... thanks!

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular


Recent Reviews

Linksys WRT1200AC Wi-Fi Router

Once upon a time, a brand-new Linksys router showed up on our doorstep. So we gathered some network-minded friends together, and hooke ...

Rapoo A300 Mini Bluetooth NFC Speaker

The Rapoo Bluetooth Mini NFC Speaker is a little metallic box about the size of a baseball. In spite of its small size, we were very p ...

Neurio Intelligent Home Monitor

The recently released Neurio Intelligent Home Monitor is a piece of hardware that, when integrated into a home's breaker box, monitors ...



Most Commented


Popular News