WPA Wi-Fi encryption (partially) cracked

Full details of the theoretical attack is not yet known but McMillan reports that two security researchers -- Erik Tews and Martin Beck -- plan to discuss the issue at next week's PacSec conference in Japan. "[They] will show how he was able to crack WPA encryption, in order to read data being sent from a router to a laptop computer. The attack could also be used to send bogus information to a client connected to the router.

From the report:

To do this, [the researchers] found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu, the PacSec conference's organizer. They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack.

To pull off their trick, the researchers first discovered a way to trick a WPA router into sending them large amounts of data. This makes cracking the key easier, but this technique is also combined with a "mathematical breakthrough," that lets them crack WPA much more quickly than any previous attempt, Ruiu said.

Tews is planning to publish the cryptographic work in an academic journal in the coming months, Ruiu said. Some of the code used in the attack was quietly added to Beck's Aircrack-ng Wi-Fi encryption hacking tool two weeks ago, he added.

It's important to note, as Thierry Zoller explains, that this is only a partial crack that doesn't give an attacker access to data transmited over a wireless network.