Researchers Crack WPA Wi-Fi Encryption 311
narramissic writes "Researchers Erik Tews and Martin Beck 'have just opened the box on a whole new hacker playground, says Dragos Ruiu, organizer of the PacSec conference. At the conference, Tews will show how he was able to partially crack WPA encryption in order to read data being sent from a router to a laptop. To do this, Tews and Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes. They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack. 'Its just the starting point,' said Ruiu."
Meh (Score:5, Interesting)
Cat5
'Story' tag (Score:2, Interesting)
Who uses TKIP instead of AES? (Score:5, Interesting)
It's a ploy! (Score:4, Interesting)
OMG! We need routers w/ better encryption. Buy router company and encryption company stocks! Everyone run out to Best Buy and get a new router.
Or, it just might be a real problem. /crumples tinfoil hat and pouts.
Re:Who uses TKIP instead of AES? (Score:2, Interesting)
I have a lot of problem connecting my XP box with AES encryption. If I use 3rd party, may be I could've but I changed my encryption to TKIP and it worked fine.
So... There you go !!!
Well duh... (Score:4, Interesting)
Does anyone seriously treat any wireless transmission as if it was secure? If anyone who cares to listen can easily pick up everything being sent from your computer it's only a matter of time and CPU power before they can read it.
Yes I know, the article mentions they actually found a more efficient method of cracking WPA than a simple brute force attack, and that is a flaw in WPA not wireless security. Although while they may come up with new encryption methods I still don't trust wireless for much more than browsing slashdot or searching google. If I need to do anything that involves sensitive information like ordering something online I can wait to go to a wired desktop.
'Its just the starting point,' (Score:4, Interesting)
So, the headlines blare "WPA is cracked!!!!", but the researchers themselves say they haven't cracked the keys used to encrypt the data and all they have is a "starting point".
So, how is WPA cracked and useless, again??
I suppose maybe we'll see at the PacSec conference.
why not RSA? (Score:4, Interesting)
As a serious question, the ignorant wanting to be enlightened: Why don't wireless access points just use some well-known and tested public key encryption? What problem is being solved by WEP/WPA/etc which simply broadcasting (or for the paranoid: copying over with a USB key) a regular old public key wouldn't cover?
Comment removed (Score:3, Interesting)
Comment removed (Score:3, Interesting)
Comment removed (Score:4, Interesting)
Re:WPA2 is NOT broken (Score:5, Interesting)
Joe the Pedo cares a lot about getting free untraceable internet access.
Oh no you don't. If the politicians don't get to use the "think of children" excuse to justify increased surveillance, shredding the Constitution, and guilty-until-proven-innocent, then we don't get to use it as an explanation for our security decisions. Let's not have a double standard here; one standard will do just fine.
CAT5 in Australia (Score:3, Interesting)
And if you live in Australia it is *ILLEGAL* for you to run your own cat5 in dry wall. You need to have a special licence that not even electricians have.
Welcome to the REAL nanny country!
Re:WPA2 is NOT broken (Score:3, Interesting)
The walls between *rooms* are made of *brick*?
Wow.
Renovation must be a bitch. A couple years ago, it took me about three hours to move a closet from *this* room to *that* room, with wooden walls, coz I could just rip off some sheetrock, cut out two studs, put in a header, put in two studs in the old doorway, and put up new drywall.
It's also my (rather picky, admittedly) habit that when I walk into a room and try and turn on the lightswitch in the wrong place, well, it's not the wrong place, then is it? so I move the switch. Which, again, takes about an hour and a half, and then it's where I wanted it to be in the first place. When I move a computer from over *here* to over *there*, I move the power outlet (because I run a separate circuit for the computers, through a UPS) and the Cat5 outlet. I can't even imagine trying to deal with that with brick walls.