New Improvements On the Attacks On WPA/TKIP

olahau writes "Two weeks ago, improvements to the previously reported attack on WPA/TKIP, were presented at the NorSec Conference in Oslo, Norway. In their paper coined 'An Improved Attack on TKIP,' Finn Michael Halvorsen and Olav Haugen describe the improvements, which enable an attacker to inject larger, maliciously crafted packets into a WPA/TKIP protected network, thus opening the probabilities for new and more sophisticated attacks against the well-established wireless security protocol."

Just in time!

[AmiMoJo]

The timing of this new attack could not have been better - the day after the UK government announces they want to introduce a "three strikes" rule before disconnecting suspected file-sharers.

I imagine this must be a massive headache for ISPs who have been shipping routers with WPA/TKIP enabled for compatibility (i.e. a lot of them). Suddenly their routers need remotely updating and they have to hope that most of their customer's wifi drivers will cope with the move to AES.