Chinks Appear in WPA’s Wireless Security Armor

Researchers with the British Computer Society (BCS) claim to have cracked the Wi-Fi Protected Access (WPA) wireless security standard and will reveal their findings at the PacSec conference to be held in Tokyo next week.

Researchers Erik Tews and Martin Beck say they broke the Temporal Key Integrity Protocol (TKIP) that provides WPA security, in just under 15 minutes, the BCS quoted PacSec organizer Dragos Ruiu as saying.

WPA is widely used for wireless security in everything from home networks to retail stores to enterprises. It is used in place of the Wired Equivalent Privacy (WEP) protocol, which is considered ineffectual and easily cracked within minutes.

Tews would know. He is one of three students at Darmstadt University of Technology that developed a way to crack the WEP protocol in less than two minutes, according to The Register.

In that attack, they used the Aircrack-ptw WEP key cracking tool. This breaks 104-bit WEP security in less than 60 seconds, according to the Security Hacks Web site.

The news is not all bad — TKIP is the weaker of two keys that is part of WPA and WPA2 , and the stronger AES (Advanced Encryption Standard) key method that can be used with WPA/WPA2 is not vulnerable. You can read about the AES standard in this PDF.

Security experts contacted by declined to comment until Tews and Beck make their presentation.

While the researchers could read data being sent from a router to a laptop and send false information to anyone using the router, they could not read secure data being transmitted from a laptop to the router, according to the BCS.

PacSec, where Tews and Beck will make their presentation, will see the most significant new discoveries about computer network hack attacks, according to the conference’s Web site.

News Around the Web