Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Crack WPA Wi-Fi Encryption

Posted by CmdrTaco on from the now-they'll-know-my-secrets dept.

narramissic writes "Researchers Erik Tews and Martin Beck 'have just opened the box on a whole new hacker playground, says Dragos Ruiu, organizer of the PacSec conference. At the conference, Tews will show how he was able to partially crack WPA encryption in order to read data being sent from a router to a laptop. To do this, Tews and Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes. They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack. 'Its just the starting point,' said Ruiu."

8 of 311 comments (clear)

  1. Meh by Anonymous Coward · · Score: 5, Interesting

    Cat5

  2. Who uses TKIP instead of AES? by LibertineR · · Score: 5, Interesting

    Is AES not the more secure of the two? From everything I have read, AES is the preffered option over TKIP.

  3. It's a ploy! by dmomo · · Score: 3, Interesting

    OMG! We need routers w/ better encryption. Buy router company and encryption company stocks! Everyone run out to Best Buy and get a new router.

    Or, it just might be a real problem. /crumples tinfoil hat and pouts.

  4. Well duh... by Zakabog · · Score: 3, Interesting

    Does anyone seriously treat any wireless transmission as if it was secure? If anyone who cares to listen can easily pick up everything being sent from your computer it's only a matter of time and CPU power before they can read it.

    Yes I know, the article mentions they actually found a more efficient method of cracking WPA than a simple brute force attack, and that is a flaw in WPA not wireless security. Although while they may come up with new encryption methods I still don't trust wireless for much more than browsing slashdot or searching google. If I need to do anything that involves sensitive information like ordering something online I can wait to go to a wired desktop.

  5. 'Its just the starting point,' by Keramos · · Score: 4, Interesting

    So, the headlines blare "WPA is cracked!!!!", but the researchers themselves say they haven't cracked the keys used to encrypt the data and all they have is a "starting point".

    So, how is WPA cracked and useless, again??

    I suppose maybe we'll see at the PacSec conference.

  6. why not RSA? by Lord+Bitman · · Score: 3, Interesting

    As a serious question, the ignorant wanting to be enlightened: Why don't wireless access points just use some well-known and tested public key encryption? What problem is being solved by WEP/WPA/etc which simply broadcasting (or for the paranoid: copying over with a USB key) a regular old public key wouldn't cover?

    --
    -- 'The' Lord and Master Bitman On High, Master Of All
  7. Comment removed by account_deleted · · Score: 3, Interesting

    Comment removed based on user account deletion

  8. Re:WPA2 is NOT broken by maztuhblastah · · Score: 4, Interesting

    Joe the Pedo cares a lot about getting free untraceable internet access.

    Oh no you don't. If the politicians don't get to use the "think of children" excuse to justify increased surveillance, shredding the Constitution, and guilty-until-proven-innocent, then we don't get to use it as an explanation for our security decisions. Let's not have a double standard here; one standard will do just fine.

    --
    The real litigious bastards...