Between the Lines

Larry Dignan, Sam Diaz, Andrew Nusca

Researchers crack WPA Wi-Fi encryption in 60 seconds

By Andrew Nusca | August 27, 2009, 6:54am PDT

Computer scientists in Japan have developed a way to break the WPA encryption system used in wireless routers in just one minute.

The attack, which reads encrypted traffic sent between computers and certain types of routers that use the WPA (Wi-Fi Protected Access) encryption system, was devised by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University.

The scientists plan to discuss further details at a technical conference on Sept. 25 in Hiroshima.

Security researchers first showed how WPA could be broken last November, but the Japanese researchers have accelerated theory into practice, taking the proven 15-minute “Beck-Tews method” developed by researchers Martin Beck and Erik Tews and speeding it up to just 60 seconds.

Both attacks work only on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm, and do not work on newer WPA2 devices or on WPA systems that use the stronger Advanced Encryption Standard, or AES, algorithm.

According to their report (.pdf), the limits of the man-in-the-middle attack are fairly restrictive. But the development should prompt users to stop relying on WPA with TKIP as a secure method of protection.

Securing routers has been a long and bumpy road. The WEP (Wired Equivalent Privacy) system introduced in 1997 is now considered to be insecure by security experts. Then came WPA with TKIP, followed by WPA2.

But users have been slow to upgrade to the latest secure methods.

Andrew J. Nusca is an associate editor for ZDNet and SmartPlanet.

Disclosure

Andrew Nusca

Andrew J. Nusca does not hold any investments in the technology companies he covers.

Biography

Andrew Nusca

Associate Editor

Andrew J. Nusca is an associate editor for ZDNet and SmartPlanet. As a journalist based in New York City, he has written for Popular Mechanics and Men's Vogue and his byline has appeared in New York magazine, The Huffington Post, New York Daily News, Editor & Publisher, New York Press and many others. He also writes The Editorialiste, a media criticism blog.

He is a New York University graduate and former news editor and columnist of the Washington Square News. He is a graduate of the Columbia University Graduate School of Journalism. He has been named "Howard Kurtz, Jr." by film critic John Lichman despite having no relation to him. A native of Philadelphia, he lives in New York with his fiancee and his cat, Spats.

Talkback Most Recent of 43 Talkback(s)

  • That's why WPA2 is the only way to go..
    WPA is nice for backwards compatibility - esp those that can't talk WPA2 (AES-CCMP) but this is all the more reason to remove these devices. I personally use WPA2-ENT [yes at home] which I understand is not the norm :) but I NEVER worry about the security of my wireless network as it carries VoIP and other "sensitive" data. Wireless networks need to be properly secured and firewalled from the main LAN to keep them and the rest of the network safe.

    WPA2 :) WEP or WPA :(
    JT82
    08/27/2009 08:08 AM
  • Not exactly, you could be running WPA2-TKIP and WPA-AES
    Not exactly, you could be running WPA2-TKIP and
    WPA-AES. That means in that particular
    instance, the WPA deployment would be more
    secure than WPA2.

    Remember that WPA and WPA2 are merely marketing
    terms.

    This attack definitely shows that the TKIP
    Band-Aid is all but completely broken, but it's
    not a 1 minute attack by any stretch of the
    imagination.
    georgeou
    08/27/2009 04:29 PM
  • I referenced...
    ...your excellent technical advisory based on rolling out SSC's for PEAP (under RADIUS) - which you wrote for TechRepublic last year. I know, I know, that was 'a long time ago' .. and you wrote *a lot* of articles last year. That said, I'm still genuinely grateful for the excellent PEAP implementation guide that you published, it proved invaluable in trouble-shooting across planning, design, testing and re-testing phases.

    Many thanks are due.

    At any rate, I was kicking myself late last year, as my final documented recommendations included using either WPA-TKIP or WPA-AES to secure a WLAN. It was within a week of submitting the report that I read the news flash about *-TKIP being broken - at the time the reported attack vector was still only theoretical.

    I certainly hope that the client org' will have *since* implemented WPA-AES - although that might be a 'stretch' since the contracted hardware vendor was talking up a storm over a WPA-TKIP based WLAN.

    Again, thanks for the great technical writing, you do credit to CNet/TechRepublic/ZDNet [..et al]. I only wish I could say that of some of the staffers here at ZDNet. But that, as the saying goes, "is an entirely different story".

    Sincerely.
    thx-1138_@...
    (Edited: 08/27/2009 11:55 PM)
  • WPA-TKIP or WPA2-TKIP
    basically the same thing.

    I still don't see how 60 seconds is possible, even with the best of technology. We were talking about months to cut this down last time and that was with GPUs. While I admit, I have built a system that would be ideal for this, I don't see the point of dedicating it to breaking a key in a month.

    To even add more fuel to the fire, last time to break the key took brute force and the length was a determining factor. Is that still relevant?
    nucrash
    08/28/2009 09:03 AM
  • My situation
    I use WPA/WPA2 mixed mode. All of my devices use WPA2, but I have some neighbors who I allow on my WLAN also. Just thinking of it, I think both have XP SP3 now, so I just switched it to WPA2 only while writing this.

    My old (3,5 years) Dell Inspiron 2200 with XP SP2 has the XP SP2 WPA2 update from Microsoft. There, the problem is that when I install SP3, no SSIDs are found (latest drivers, tried everything) - thus, uninstalled SP3. It's only on once a month on average, so that isn't that much of a problem.
    Daniel575
    08/27/2009 09:04 AM
  • Let's use Apple logic here
    Is it in the wild? No? Then it doesn't exist. I encourage all of my Apple loving friends to keep using WPA until they personally know someone who has had their WPA router hacked and has actually suffered some negative consequence from it.

    Until then, this is just crazy scientific gobbledygook!
    NonZealot
    08/27/2009 09:11 AM
  • WPA cracks are in the wild, this is just expediting the speed at
    which someone could crack in. Using an unsecure wireless standard such as WEP or TKIP is wreckless and unsafe. It is a fair bet that the bulk of users that use PSK's use the same password to log on to their computer, into their router, for bank accounts and e-mails. So if I am able to fish out the password for a router using these techniques, I could potentially empty their bank accounts, and send hate mail to the President or Members of Congress in their name, and let them take the rap, and "Gone in 60 Seconds."

    In this case their best option is to move to WPA2 with AES encryption, or run their Access point wide open.
    xXSpeedzXx
    08/27/2009 09:34 AM
  • Wolfie2K3
    08/27/2009 01:05 PM
  • That's sarcasm?
    Or just another excuse to troll...

    This discussion has nothing to do with Apple or Windoze or any other OS, but how WPA can be cracked.

    I suspect WPA2 with AES will be the next victim.
    Wintel BSOD
    (Edited: 08/27/2009 04:13 PM)
  • LOL!!!
    Or just another excuse to troll...

    Says the person who can't spell Windows!!
    NonZealot
    08/27/2009 04:16 PM
  • Windoze?
    Hey, isn't that the OS that makes me fall asleep sitting in front of it?

    Except when the virus alerts go off...

    lol... grin
    Wintel BSOD
    (Edited: 08/27/2009 04:27 PM)
  • Not so bad
    I'm thinking wreckless would be good, whereas reckless would be bad. Sorry, I'm a language wonk.

    I'm going home to make sure I'm not using TKIP. However, since my bank account is already empty, that wouldn't be a problem. And I haven't had time to send hate mail to the president and congress, so that part would be welcome - at least until they succeed in outlawing free speech. If I see you cruising my neighborhood with a directional antenna, you'll probably get a load of buckshot, unless they succeed in outlawing gun ownership, too.
    JimboNobody
    08/27/2009 03:40 PM
  • Just checkin'
    So...are you okay with me cruising around with an omni? Also, you're okay with discharging firearms on public lands o_O?
    PacoBell
    08/28/2009 11:12 AM
  • olePigeon
    08/27/2009 10:44 AM
  • obsess
    v. intr. To have the mind excessively preoccupied with a single emotion
    or topic.
    RealNonZealot
    08/27/2009 02:38 PM
