View Full Version : Breaking news 11/08: WPA TKIP cracked

November 6th, 2008, 10:20 PM
Security researchers say they've developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard used to protect data on many wireless networks.

...researcher Erik Tews will show how he was able to crack WPA encryption, in order to read data being sent from a router to a laptop computer. The attack could also be used to send bogus information to a client connected to the router.

To do this, Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu, the PacSec conference's organizer.

...Some of the code used in the attack was quietly added to Beck's Aircrack-ng Wi-Fi encryption hacking tool two weeks ago, he added.

...A new wireless standard known as WPA2 is considered safe from the attack developed by Tews and Beck, but many WPA2 routers also support WPA.


I guess it was only a matter of time before this would happen.

EDIT: Turns out the crack is not as complete as the press first announced, so WPA is still relatively safe:

November 6th, 2008, 10:38 PM
OMG another cryptographic system has fell!.
Only PGP stands victorious!