Slashdot Mirror

← Back to Stories (view on slashdot.org)

WPA Encryption Cracked In 60 Seconds

Posted by timothy on from the nicholas-cage-has-an-alibi dept.

carusoj writes "Computer scientists in Japan say they've developed a way to break the WPA encryption system used in wireless routers in about one minute. Last November, security researchers first showed how WPA could be broken, but the Japanese researchers have taken the attack to a new level. The earlier attack worked on a smaller range of WPA devices and took between 12 and 15 minutes to work. Both attacks work only on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. They do not work on newer WPA 2 devices or on WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm."

10 of 322 comments (clear)

  1. Re:Cool by MooseMuffin · · Score: 5, Insightful

    You'll be able to provide more free wireless too!

  2. I'm safe. by rawls · · Score: 5, Funny

    Lucky for me, I use WEP, so I'm safe.

  3. Re:Secure protocols for home wifi? by Hijacked+Public · · Score: 5, Informative

    This list is still accurate, if you apply the comment on #4 up to #5 as well.

    And run DD-WRT.

    --
    "Sacrifice for the good of The State" - The State
  4. Re:Secure protocols for home wifi? by v1 · · Score: 5, Informative

    It's probably not so much a matter of what base crypto they're using (a la AES, SHA, etc) but how they're implementing the key exchange when negotiating the connection. Implement good crypto wrong and you open the door. Initial negotiations between parties is a tricky, multistep affair for good security, to prevent MITM.

    --
    I work for the Department of Redundancy Department.
  5. Re:Secure protocols for home wifi? by Mad+Merlin · · Score: 5, Insightful

    Wired ethernet. Not only is it vastly more secure, it's also an order of magnitude or two faster than wireless.

    --
    Game! - Where the stick is mightier than the sword!
  6. Re:Secure protocols for home wifi? by ColdWetDog · · Score: 5, Funny

    Wired ethernet. Not only is it vastly more secure, it's also an order of magnitude or two faster than wireless.

    No wireless? Lame.

    --
    Faster! Faster! Faster would be better!
  7. As usual by trifish · · Score: 5, Informative

    And the most important piece of information comes at the very end of the summary (just not to diminish the sensation or prevent FUD):

    They do not work on newer WPA 2 devices or on WPA systems that use the stronger Advanced Encryption Standard (AES) algorithm.

  8. It wasn't broken by mx_mx_mx · · Score: 5, Informative

    They have just found a way to decrypt a packet using the WEP chopchop algorithm. Master key can't still be recovered. Move along, this isn't news

    --
    Linux forever
  9. I have a better security... by AmigaHeretic · · Score: 5, Funny

    I don't know why people insist on using WEP, WPA, WPA2, etc..

    I just made my SSID "Logon for only $3.99 per minute"

    Haven't ever seen my neighbors log on even once.

    _

  10. Re:How about free secure wireless? by oatworm · · Score: 5, Funny

    Ah - the "If you want to outrun a bear, the key is not to outrun the bear - it's to outrun the person behind you" principle. That sort of wisdom ranks up there with, "Women are like square roots - if they're under 16, you should do them in your head."

    Take that however you will.