Monday, August 31, 2009

New Attack Cracks Common Wi-Fi Encryption in a Minute

Reason to dump WPA with TKIP and start using with AES encryption..

Hiroshima University's Toshihiro Ohigashi and Kobe University's Masakatu Morii say they have developed a way to break the Wi-Fi Protected Access (WPA) encryption system used in wireless routers in about one minute.

Last November, researchers demonstrated how WPA could be broken, but the Japanese researchers have taken the attack to a new level. The first attack worked on a smaller range of WPA devices and required between 12 and 15 minutes to execute. Both attacks work only on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm, and neither work on newer WPA 2 devices or WPA systems that use the more secure Advanced Encryption Standard algorithm. Wi-Fi Alliance's Kelly Davis-Felner says WPA with TKIP was developed as a type of interim encryption method when Wi-Fi was first evolving, and Wi-Fi-certified products have had to support WPA 2 since March 2006.

There's certainly a decent amount of WPA with TKIP out in the installed base today, but a better alternative has been out for a long time. Most enterprise Wi-Fi networks feature security software that would detect the man-in-the-middle attack but the development of a practical attack against WPA should give people a reason to dump WPA with TKIP and start using AES.

Refer here to read full details.

No comments: