The Real Story On WPA's Flaw

Posted by kdawson on Friday November 7, 2008 @01:14AM from the calm-down dept.

Glenn Fleishman writes "The reports earlier today on WPA's TKIP key type being cracked were incorrect. I spoke at length with Erik Tews, the joint author of the paper that discloses a checksum weakness in TKIP that allows individual short packets to be decrypted without revealing the TKIP key. I wrote this up for Ars Technica with quite a bit of background on WEP and WPA. Tews's paper, co-written with Martin Beck, whom he credits as discovering and implementing a working crack (in aircrack-ng as a module), describes a way to use a backwards-compatible part of TKIP to exploit a weakness that remains from WEP. ARP packets and similarly short packets can be decoded. Longer packets are likely still safe, and TKIP hasn't been cracked. Don't believe the hype, but the exploit is still notable."

5 of 67 comments (clear)

Min score:

Reason:

Sort:

vocabulary by Anonymous Coward · 2008-11-07 01:19 · Score: 3, Funny

Use really long words.
1. Re:vocabulary by coleblak · 2008-11-07 04:47 · Score: 2, Funny
  
  Can you have firefox loaded on a usb key with all those addons installed? make it safer for you if you can.
  
  --
  77 HITS
  Really Long Off Topic Combo
Re:The boy who cried wolf... by flajann · 2008-11-07 01:51 · Score: 3, Funny

Saw it on the Internet; It's gotta be true!

--
Ruby Neural Evolution of Augmenting Topologies
We should be safe from any WPA vulnerability! by Karpe · 2008-11-07 03:42 · Score: 3, Funny

Still using WEP here. ;)
Re:Don't panic, but... by Vexorian · 2008-11-07 07:54 · Score: 3, Funny

Until today, sumdumass was not able to agree with common sense.

--

Copyright infringement is "piracy" in the same way DRM is "consumer rape"