WPA protocol cracked in 15 minutes says researcher

Network 111 Published by

Yeah, guys this is pretty much why you should have a MAC based protection enabled in wireless routers. Not fool-proof either, but very save.

Security researchers claims they have refined an existing WPA crack, making it more efficient that earlier reports. Cryptographic expert Erik Tews will appear at PacSec security conference in Tokyo next week with his presentation, "Gone in 900 seconds: Some Crypto issues with WPA." There, Tews is expected to show off his discoveries in TKIP (Temporal Key Integrity Protocol) cracking, that allow WPA to be broken in a brief 12-15 minute window.

TKIP itself is not really crackable, since it is a Per-Packet Key, but once it is initialized, the Pairwise Master Key (PMK) can be obtained. From there, the conventional method of breaking in involved a brute force dictionary attack, or a long process of elimination by trying millions of options. 

Tews and his partner Martin Beck have discovered a "mathematical breakthrough" that allows the WPA encryption to be cracked dramatically faster. Some of the tools Tews and Beck used are rumored to have been already included in Aircrack-ng WEP/WPA PSK cracking tool. However, the encryption keys from PC to Router have not been cracked in this attack.

So that's the cyber equivalent of Gone in 60 seconds 15 minutes ... I guess.

Share this content
Twitter Facebook Reddit WhatsApp Email Print