WPA Encryption Cracked In 60 Seconds

carusoj writes "Computer scientists in Japan say they've developed a way to break the WPA encryption system used in wireless routers in about one minute. Last November, security researchers first showed how WPA could be broken, but the Japanese researchers have taken the attack to a new level. The earlier attack worked on a smaller range of WPA devices and took between 12 and 15 minutes to work. Both attacks work only on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. They do not work on newer WPA 2 devices or on WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm."

Re:How Long?

[0100010001010011]

Backtrack really doesn't "do" anything, it's just an awesome integration of separate tools.

aircrack is the base package that would most probably implement this.

Re:Secure protocols for home wifi?

[Hijacked+Public]

This list is still accurate, if you apply the comment on #4 up to #5 as well.

And run DD-WRT.

Re:Secure protocols for home wifi?

[v1]

It's probably not so much a matter of what base crypto they're using (a la AES, SHA, etc) but how they're implementing the key exchange when negotiating the connection. Implement good crypto wrong and you open the door. Initial negotiations between parties is a tricky, multistep affair for good security, to prevent MITM.

Re:so, uh,

[rawls]

The original paper is here

As usual

[trifish]

And the most important piece of information comes at the very end of the summary (just not to diminish the sensation or prevent FUD):

They do not work on newer WPA 2 devices or on WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm.

It wasn't broken

[mx_mx_mx]

They have just found a way to decrypt a packet using the WEP chopchop algorithm. Master key can't still be recovered. Move along, this isn't news

Not new

[MobyDisk]

TKIP was fundamentally broken, by design. We knew that. TKIP was invented as an intermediate encryption that could run on the same hardware that WEP ran on. It allowed router manufacturers to use something better than WEP without having to beef-up their hardware. It worked well, and bought several years before it was completely broken. Anyone who has a router using TKIP bought at a bad time, and is stuck with something that's only a little better than WEP. The solution is to buy a router that supports WPA2, which has real AES encryption.

Re:Secure protocols for home wifi?

[dissy]

When your options for your internet connection top out below 10mbps, does it matter that your LAN can only do 22? Or 144?

Yes, it matters.

It might not be needed for you, if all you use your PCs for is to use the internet, but not talk to each other heavily.

Others however have an internal autonomous network of machines that all talk to each other and only occasionally out to the internet.

Running a fileserver to play videos on your multiple entertainment PC devices on TVs, tossing large files around, running onsite+online backups... None of those things need an internet connection at all to do, yet there is a slight noticeable difference between doing them at 11mbit and doing them at 1000.

Other protocols available

[azrider]

TKIP was fundamentally broken, by design. We knew that. TKIP was invented as an intermediate encryption that could run on the same hardware that WEP ran on.

TKIP (Timed Key Interchange Protocol, for those who don't know) does have a weak spot. This is that the new key is sent out from the access point on a regular basis. Cisco's implementation (supported by most companies that supply 802.11a equipment) makes two changes. One is that the time value set is a maximum value (the key change interval is actually random). The other is that the new key is sent via the encrypted session. You therefore have to have cracked the old key to receive the new key.

It will be interesting to see if that is discussed when the paper is presented.