DELETE IF OLD NEWS
http://www.vnunet.com/vnunet/news/2230071/researchers-crack-wpa
Researchers crack WPA encryption
Two researchers have apparently cracked a part of the Wi-Fi Protected Access (WPA) encryption protocol.
Erik Tews and Martin Beck claim to have broken the Temporal Key Integrity Protocol in under 15 minutes. The breakthrough means that data sent from the router to the PC can be scanned, but not the other way around.
Advertisement
Click here to find out more!
Access to this traffic could also enable a hacker to send false information to a client on the network.
The researchers developed a way to get the router to send out large volumes of traffic, thereby giving them a large data set to work with, in order to break the key using a mathematical formula the pair developed.
WPA's predecessor, Wired Equivalent Privacy (WEP), which was developed as one of the first wireless security systems in the 1990s, is now considered almost completely unsecure as it can be hacked in just a few minutes using tools easily available on the internet.
WPA2, an advanced version of the protocol, is not susceptible to the new attack and is still considered secure.
But WPA2 is a relatively new platform and was only made mandatory in all new products from March this year, meaning that many users may have routers that do not support the standard.
Experts believe that this latest development could open the door for a host of new wireless network attacks, forcing many businesses to upgrade their systems to remain protected.
Full details about the WPA hack will be revealed and discussed next week at the PacSec Applied Security Conference in Tokyo.
-
Tinderbox (UK) BAKED BEAN KING
-
Thund3rball I dont know, I'm guessing
Funny this year is the first time I have ever gone wireless, and that's just for my notebook. I still go through a CAT 5 cable for my desktop. And yes I use WAP 2. But I am not 100% comfortable with it. I don't do anything important like banking or credit card transactions over my wireless. I still use the wired desktop and the wife does too.
-
Tinderbox (UK) BAKED BEAN KING
Hi.
So how do i know if my router supports WPA2? does it just say WPA2 in the wireless encryption settings.
I have an Netgear dg834gt , I am on the V1.02.16 firmware , picture below.
Regards
John.Attached Files:
-
-
I really hope you're not freaking out or anything. Do you -really- think there's going to be a hacker at your house cracking your WPA?
Tinderbox, your router does not support WPA2. -
Tinderbox (UK) BAKED BEAN KING
Hey, I could have some really sensitivity information here!!!!
Regards
John.
-
Thund3rball I dont know, I'm guessing
I am such a networking moron but from what I see your router does not seem to support WPA2 in the options you have there.
-
This old news, WEP, WPA and WPA2 are fairly easy to break if you know what you are doing. WEP is really easy to break, all it takes is a little know how and 20 - 60 minutes of time. However, WPA and WPA2 are more difficult, because they require dictionary attacks against the PSK.
If you are really concerned about the security of your network, use very long pass phrases that 25+ characters long with lower and upper case letters, numbers and symbols, and rotate them on a semi-frequent basis. Also, don't allow access to your router's control panel to wireless clients if you can. This way, even if a hacker catches the WPA handshake, they aren't going to be able to get your password out of it in a very, very long time.
The article says that hackers have broken the TKIP protocol, so if you can, switch the groupwise cipher to CCMP.
NEWS : Researchers crack WPA encryption
Discussion in 'Networking and Wireless' started by Tinderbox (UK), Nov 7, 2008.