WPA Encryption Cracked in One Minute

Two Japanese scientists, Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, plan to reveal how they can crack WPA encryption in sixty seconds at a technical conference taking place on September 25 in Hiroshima. PC Advisor said that the two scientists have designed an attack that gives hackers a way to read the encrypted traffic passed from PCs and certain routers that use WPA.

The method isn't new: security researchers revealed a way to break WPA encryption back in November. However, according to Dragos Ruiu, organizer of the PacSec security conference where the first WPA hack took place, the scientists have taken the supposed attack "to a new level," saying that they took theoretical information and made it "much more practical."

The previous attack method, developed by researchers Martin Beck and Erik Tews, took between 12 and 15 minutes to work on a smaller range of WPA devices. The PC advisor report also stated that both attacks only work on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. Fortunately, the attack does not work on WPA systems using Advanced Encryption Standard (AES) algorithm, or WPA 2 devices.

If this bit of news seems a little frightening, don't fret: many WPA routers allow users to switch from TKIP encryption to AES through the administration interface.

Create a new thread in the Streaming Video & TVs forum about this subject
This thread is closed for comments
    Your comment
    Top Comments
  • Gone in sixty seconds.
  • Other Comments
  • Gone in sixty seconds.
  • It irritates me how the nomenclature is often confused when it is so simple.

    WPA is often equated with TKIP and WPA2 with CCMP, but this is wrong...
    A wireless access point advertising WPA may offer TKIP or CCMP or both at the same time. The same is true with WPA2.

    TKIP is RC4 based.

    CCMP is AES based.

    How is this hard to understand or explain? And more importantly, and worse!, why do manufacturers get it wrong?
  • ssalimGone in sixty seconds.

    :lol: !