By | No Comments
Last updated: Thursday, November 6, 2008

Two researchers have opened a new can of worms that could let hackers wreak havoc on network managers. Erik Tews and Martin Beck say they have found a way to crack the widely used Wireless Protection Access (WPA), a standard supported by the Wi-Fi Alliance and currently used to secure wireless computer networks. The researchers say they have specifically cracked the Temporal Key Integrated Protocol (a set of algorithms used by WPA), a feat that had been considered nearly impossible. “We were able to write up both attacks about one month ago in a research paper we submitted to WISEC 2009, which is currently under review,” said Tews in an e-mail interview with us from Germany. “Very experimental implementations of these attacks are ready and available in the aircrack-ng public SVN server.” The duo took only 12 to 15 minutes to complete their feat and will share their findings at the PacSec conference in Tokyo next week. PacSec presenters focus on technical security details as they relate to current issues and best practices in information security. Their findings are shared with a multinational group of security professionals. “We will demonstrate two attacks; one of them is a little improvement in WEP key recovery, the other one is on WPA,” Tews said. “In a nutshell, the WPA attack allows an attacker to decrypt packets with a rate of one byte plaintext per minute or a little bit more,” Tews said. “For short packets, this can be 15 minutes or so. After that, you will be able to send some packets, but only seven to 15. You need to decrypt another packet to send more packets.” Researchers Due Diligence Tews first discussed his work with a London newspaper, The Register, where he told the paper that the attack had a success probability of 50 percent with 40,000 packets and…

Originally posted here:
Researchers Crack WPA Security for Wireless Networks

CommentSubscribe