Weakness Found in Wi-Fi Security Protocol | Internet News
Communications
SHARE
Facebook X Pinterest WhatsApp

Weakness Found in Wi-Fi Security Protocol

Written By
Ryan Naraine
Ryan Naraine
Nov 6, 2003
2 minute read

A wireless security expert has detected a glaring weakness in the
interface design of a highly touted Wi-Fi Protected Access (WPA) protocol
deployed in numerous Wireless LAN products.

According to a research paper posted
on Wi-Fi Networking News, the weakness could allow intruders to crack
poorly chosen passphrases via offline dictionary attacks.

The weakness detailed in the research paper written by IEEE and IETF
committee member Robert Moskowitz means that Wi-Fi hardware
products that ship with WPA might be less secure than the older Wireless
Encryption Protocol (WEP), which it replaced.

The WPA standard, unveiled in
late 2002 as the replacement for WEP , was designed to improve
upon the security features in wireless networks. Specifically, WPA offered
improved data encryption through the temporal key integrity protocol (TKIP).

The TKIP feature scrambles the keys using a hashing algorithm and, by
adding an integrity-checking feature, ensures that the keys haven’t been
tampered with. WEP, on the other hand, uses a static key that is seldom
changed by users. This cryptographic weakness is responsible for many of the
known security issues in WLANs because intruders could easily figure out an
encryption key and access a wireless network.

The latest weakness only takes effect when short, text-based keys are
used and does not reflect a fault in the WPA protocol. The
weakness was described as an interface problem that allows a user to enter
weak keys that can be cracked with offline dictionary attacks.

And, according to Moskowitz, the weakness can be avoided if WLAN hardware
manufacturers build units with the ability to generate random keys that can
be copied and pasted across systems. Manufacturers can also restrict the
ability to enter weak keys by requiring passphrases with numerous characters
instead of words that can be found in the dictionary.

The researcher warned that dictionary based programs used to crack
passwords are heavily used by criminal hackers.

Microsoft has rolled out a free Windows
XP download with support for WPA.
The XP update tweaks the way the OS communicates with the Wi-Fi protocol.
Instead of having one encrypted key for everyone to connect to the network,
Microsoft said its WPA update would provide separate keys for each system
connecting to the Wi-Fi network.
Ryan Naraine
Internet News Logo

InternetNews is a source of industry news and intelligence for IT professionals from all branches of the technology world. InternetNews focuses on helping professionals grow their knowledge base and authority in their field with the top news and trends in Software, IT Management, Networking & Communications, and Small Business.

facebook
x

Company

Contact us Advertise with us

Categories

News Enterprise Small Business Reviews Podcasts Blog Research

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information