The Real Story On WPA's Flaw

Glenn Fleishman writes "The reports earlier today on WPA's TKIP key type being cracked were incorrect. I spoke at length with Erik Tews, the joint author of the paper that discloses a checksum weakness in TKIP that allows individual short packets to be decrypted without revealing the TKIP key. I wrote this up for Ars Technica with quite a bit of background on WEP and WPA. Tews's paper, co-written with Martin Beck, whom he credits as discovering and implementing a working crack (in aircrack-ng as a module), describes a way to use a backwards-compatible part of TKIP to exploit a weakness that remains from WEP. ARP packets and similarly short packets can be decoded. Longer packets are likely still safe, and TKIP hasn't been cracked. Don't believe the hype, but the exploit is still notable."

Big breaks start from small holes

[RagManX]

This is more interesting than I suspect most people will think it is. With any security system, researchers build on weaknesses found piece by piece. It might not seem a big deal that short packets can be decoded nor that a few additional packets can be injected into a wifi network data stream, but these small cracks almost always lead to methods of getting more information from the security system.

I've been watching WPA security studies for a while, and this seems the most significant flaw yet found. It will be very interesting to see if and how this exploit is grown into something more generally usable.