Slashdot Mirror
New Improvements On the Attacks On WPA/TKIP
olahau writes "Two weeks ago, improvements to the previously reported attack on WPA/TKIP, were presented at the NorSec Conference in Oslo, Norway. In their paper coined 'An Improved Attack on TKIP,' Finn Michael Halvorsen and Olav Haugen describe the improvements, which enable an attacker to inject larger, maliciously crafted packets into a WPA/TKIP protected network, thus opening the probabilities for new and more sophisticated attacks against the well-established wireless security protocol."
New Improvements On the Attacks On WPA/TKIP
... in Cincinatti!!
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
WEP is better? Has it always been better?
Sure, keep using WEP. 128-bit WEP takes a very long time to break. Somewhere on the order of 15-30 minutes, in my experience.
The timing of this new attack could not have been better - the day after the UK government announces they want to introduce a "three strikes" rule before disconnecting suspected file-sharers.
I imagine this must be a massive headache for ISPs who have been shipping routers with WPA/TKIP enabled for compatibility (i.e. a lot of them). Suddenly their routers need remotely updating and they have to hope that most of their customer's wifi drivers will cope with the move to AES.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
WEP is "Wired Equivalent Privacy". It wasn't supposed to be very strong - about a secure a regular wired network. However, it wasn't known back then just HOW weak it was. As a stopgap measure, WPA PSK (TKIP) was created. Since it uses the same algorithm as WEP, (RC4), existing equipment could be easily upgraded with just a firmware/software update. A long-term solution WPA2 PSK (AES) was created as well.
WPA-PSK (TKIP) is still far, far better than WEP by many order of magintude, but WPA2-PSK is better, and if all you wireless devices support it (in particular the Nintendo DS DOES NOT, The DSi does, but not for DS games), then that preferred.
no. Actually, let me rephrase that... "NO!!!!!!"
WEP has been broken. Terribly, horribly, and completely broken. Not only are attacks possible, they are out there, and they are the data-intercept type. It's somewhat more secure than running Open and hiding your SSID, but not a lot more.
WPA/TKIP has a vulnerability that malformed packets may be inserted in to the data stream. This opens the door for possible attacks. That does not mean attacks are currently possible, nor does it necessarily mean that data-intercept attacks will be possible near-term. You are "nearly safe" running WPA/TKIP. WPA/TKIP uses the same encryption methodologies as WPA but encrypts more data and is a lot harder to break.
WPA/AES has, to my knowledge, no presently-known attack vector vulnerabilities. That can (and probably will) change.
But if your gear is capable of WPA/AES, switch to that. If not, leave it as WPA/TKIP.
And for the love of Pete, switch to a longer password with some nice scrunchy numbers, letters (upper and lower) and a few special characters. 10 total characters should do it if you use the prefix of some phrase and replace a few letters with special characters.
Example: The Lord of the Rings is the Greatest Series Ever Written
TLotRitGSER This is actually a decent-security password, you've got decent length, 11 characters, and some upper/lower goodness.
Now add the concepts that it was originally actually one book, (&1b), and not about the 7 dwarves (!7d) to the end. TLotRitGSER&1b!7d
Seriously secure password, and you're going to remember the hell out of it. Of course, it helps if you use something memorable to you.
Then you'll never go around saying "Amazing! That's the exact same combination I have on my luggage!"
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
In-order to hack WEP it's quite simple today, you need to do the following :
:
1) Listen to packets going through (monitor mode)
2) Force people to send more packets using arp-replay packets or specially crafted packets
3) Capture about 25000 packets and make an crypto analysis [the more packets you capture, more chance you'll be able to decrypt the password] about this packets to get password
In WPA1/2 it's quite different
1) Listen to packets going through in monitor mode
2) Wait un-till you capture a connection-login handshake (it's 2 packets both ways = 4 packets)
3) After you capture packets in 2, you need to do Dictionary attack on the captured session login. If that word isn't in your dictionary, you're screwed.
That's why a current wireless hacking methods against a strong not-in-dictionary WPA(PSK) password will be quite hard (if possible) to hack these days.
Just so we all be cleared.
Read and Comment at my BLOG
!!!
Did you even read the paper or take the time to understand the attack?
I'm one of the authors of IEEE 802.11i. I did, and it's not good.
This is a significant advance in attack technique on TKIP. Get off of TKIP as quickly as you can. NOW.
On one hand, as the paper's authors point out, we got seven years of life out of a band-aid fix that was designed to buy us five. I'm pretty happy with that.
On the other hand, the Beck and Tews attack opened some cracks in the walls, this latest paper wedges that crack further open by a factor of 14, and provides some practical real-world exploit scenarios. The bad guys will come up with more, trust me.
This is bad.
Migrate off of TKIP NOW.
Your advice for the length of a passphrase is off as well, BTW. IEEE 802.11i CLEARLY states that a passphrase of less that 20 characters in length does not offer adequate security.
Use a strategy to choose a LONG, STRONG passphrase. Type it into notepad. Cut and paste it wherever it needs to go to eliminate typo errors.
Cheers.....
Red