No longer safe: WPA encryption cracked in 12 to 15 minutes
Summary: It was only a matter of time.Sure, we can all expect that some hacker with enough time and processing power would eventually crack a WPA-protected wireless network to decrypt someone's precious data.
It was only a matter of time.
Sure, we can all expect that some hacker with enough time and processing power would eventually crack a WPA-protected wireless network to decrypt someone's precious data.
But in 15 minutes?
Yes sir, according to Wi-Fi wizard Erik Tews, who is expected to give a presentation next week at the PacSec Conference in Tokyo describing his "mathematical breakthrough" that he says enables him to crack WPA-TKIP in just 12 to 15 minutes.
PC World has the scoop:
The work of Tews and Beck does not involve a dictionary attack, however.
To pull off their trick, the researchers first discovered a way to trick a WPA router into sending them large amounts of data. This makes cracking the key easier, but this technique is also combined with a "mathematical breakthrough," that lets them crack WPA much more quickly than any previous attempt, Ruiu said.
Tews is planning to publish the cryptographic work in an academic journal in the coming months, Ruiu said. Some of the code used in the attack was quietly added to Beck's Aircrack-ng Wi-Fi encryption hacking tool two weeks ago, he added.
Uh oh.
Of course, there are limitations: Apparently, the data sent from a connected device to the compromised router is still safe. But anything headed down the information highway in the opposite direction? Wide open.
So who is this Tews guy, anyway? He's the guy who cracked WEP in under a minute last year (and, in a bit of irony, advised people to switch to WPA as a result). The answer, for now, is to switch to WPA2.
For now.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
I've said it before, I'll say it again...
http://talkback.zdnet.com/5208-12691-0.html?forumID=1&threadID=45392&messageID=838312&start=-9957
The only secure networking choice...
Telegraph, telephone, television, tellawoman!
I personally do not trust wireless security without a backup VPN or other method. Someone might discover my true identity?
WPA is not cracked - only TKIP is, no access to data..
- Attack does not give you access to the data transmited
- Why? Only the TKIP key is being recovered
Temporal Key Integrity Protocol (TKIP) is nothing else then our good old friend RC4 (same as used in WEP, yep) with the difference that the KEY changes every 10KB packet,
hence the name (Temporal). Another change was to add the MAC into the calculation making it basicaly a salt that results in different key set with the same IV (Initialisation Vector). This also reduces the possibility of a replay attack.
What McMillan basicaly says is that they found a way to :
- have the AP generate LOT of traffic, meaning lot of encrypted datapackets you can
then use a new way to bruteforce TKIP
I can't say more until the airodump-ng SVN repositry is reachable, part of the code is already in there.
ahhh stop being soo sensational. Your topic header is cherry picking.
encrypted traffic is also already protected. Maybe you could read parts of packets.. but that doesnt get you the whole file.. since the key changes all the time.
Yes, but any crack ....
CRAcked
this is a set p they know this for years now,
only it's gotten much worse than MS can fix.
all plot and ploy by us gov.
>>> blue tooth is the same way !
Do some fact checking ZDnet
Steve Gibson categorically makes this article and others like it look like ignorant sensationalists.
Thanks for the fact checking ZDnet, good scare tactics.