Source: Tom's Guide US | Keywords: WPA, Cracked, Routers, Japanese, Scientists | Themes: The Internet, Software, Networking
Two Japanese scientists have figured out a way to crack WPA encryption in sixty seconds.
Two Japanese scientists, Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, plan to reveal how they can crack WPA encryption in sixty seconds at a technical conference taking place on September 25 in Hiroshima. PC Advisor said that the two scientists have designed an attack that gives hackers a way to read the encrypted traffic passed from PCs and certain routers that use WPA.
The method isn't new: security researchers revealed a way to break WPA encryption back in November. However, according to Dragos Ruiu, organizer of the PacSec security conference where the first WPA hack took place, the scientists have taken the supposed attack "to a new level," saying that they took theoretical information and made it "much more practical."
The previous attack method, developed by researchers Martin Beck and Erik Tews, took between 12 and 15 minutes to work on a smaller range of WPA devices. The PC advisor report also stated that both attacks only work on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. Fortunately, the attack does not work on WPA systems using Advanced Encryption Standard (AES) algorithm, or WPA 2 devices.
If this bit of news seems a little frightening, don't fret: many WPA routers allow users to switch from TKIP encryption to AES through the administration interface.
-
Previous News Article
Government Cracking Down on... -
Next News Article
Microsoft's Greenberg: No Slim...
Gone in sixty seconds.
It irritates me how the nomenclature is often confused when it is so simple.
WPA is often equated with TKIP and WPA2 with CCMP, but this is wrong...
A wireless access point advertising WPA may offer TKIP or CCMP or both at the same time. The same is true with WPA2.
TKIP is RC4 based.
CCMP is AES based.
How is this hard to understand or explain? And more importantly, and worse!, why do manufacturers get it wrong?
Gone in sixty seconds.
So is this about some sort of wireless access?
Lol.
Fuck da Japanese
dey always krackin shit
No matter how secure you think it might be, never trust wireless networks for security. If it's sensitive data, just wait until you can plug into the wall. You never know, so if you're paranoid enough that you truely want all that encryption, just use good ol' ethernet cables.
Sweet I can't wait tell they add this tool onto BackTrack
Depends how much power they are using, people can use a ps3 to brute force wpa in that amount of time etc.
hehe noobs and their out dated WPA, WPA2 FTW!! that will never be broken! ...right?
Fuck da Japanesedey always krackin shit
ROTFLMFAO
Hmmm. Good thing the college here has WPA with TKIP encryption....wait a minute....
Nothing is Hacker proof! Thank God!
Meh...Who uses WPA now anyways?
kewl...so how do i do it?
Crazyasiannationalistkilldemjaps
wow what a name
The IEEE 802.11 protocol has shown its vulnerability long time ago.
cracking the WPA encryption in 60 seconds seems impressive.
No matter how secure you think it might be, never trust wireless networks for security. If it's sensitive data, just wait until you can plug into the wall. You never know, so if you're paranoid enough that you truely want all that encryption, just use good ol' ethernet cables.
Now... in a home environment - sure, that's fine - just make sure there's hook-ups available. For businesses though... Ethernet, sure, but having NAC with it is the way to go. It's a pain to setup, but very effective means of truly securing what devices connect where, when and how.
they're going to show it in Hiroshima? it must have something to do with use of radiation..
Good thing I am using WEP.
hahahahaaaaaaaa.........
for WEP I can do it for 60 sec...............
i'm using it open so no one can crack it haha dã
i'm using it open so no one can crack it haha dã
It's a worthy theory, my father use to leave the windows down in his car when he parked in bad neighborhoods. He figured if someone wanted his radio they would break in anyway and this way he wouldn't have to pay for a new radio and new glass.
i'm using it open so no one can crack it haha dã
Why do you jest at my comment?
I have Mac WiFi and running WEP = Inpenatrable. Macs are not prone to Security issues like Windows.
Why do you jest at my comment?I have Mac WiFi and running WEP = Inpenatrable. Macs are not prone to Security issues like Windows.
I remember that mini-contest at a hacker conference about 3 laptops (Mac, Win, Linux distro) as a chalenge to hack them (I believe the article was here on THG news); first place was the Mac one, cracked in a few seconds; the others came later at about the same time; so yes, the Macs are soooo secure.../sarcasm
I remember that mini-contest at a hacker conference about 3 laptops (Mac, Win, Linux distro) as a chalenge to hack them (I believe the article was here on THG news); first place was the Mac one, cracked in a few seconds; the others came later at about the same time; so yes, the Macs are soooo secure.../sarcasm
Jeez...guys...can't take a little sarcasm? Yes yes I know. I was just poking fun at Macs. And I know WEP is even less secure than WPA but we don't have to go into the detials. I was just having fun. Do I have to type "/Sarcasm" at the head or end of every post I make?
i'm using it open so no one can crack it haha dã
At least megahunter got my sarcasm....
*high fives megahunter*
almost every comment on this article is marked negative... someone really dislikes disparaging remarks towards the Japanese or anything to do with facts...
Have not used WPA or any wireless networking for a while, I wired my house instead and turned off wireless. I only enable it when I have visitors.
Have not used WPA or any wireless networking for a while, I wired my house instead and turned off wireless. I only enable it when I have visitors.
That is not usually a viable option except for new homes, as installing ethernet in all useful rooms in a home really tears up the walls and ceilings. Some might want to use their laptop in the cr@pper, but not me, lol. It's not worth it for most. The exception would be 1 or 2 rooms, depending upon the distance and routing of the cable and location of wall jacks.
If I had my choice, I'd buy a new home with CAT-6 installed in every room. To be as secure as I can be with my current equipment, I do the following:
1) Enable WPA-TKIP and use a long random password (my router doesn't support AES or WPA2)
2) Turn off SID advertising
3) Turn off DHCP
4) Enable MAC Address filtering
5) Assign Static IP's to specific MAC addresses in ACL
That is the most secure my home wireless network can be without having to buy another more modern/advanced wireless router. I'd recommend anyone with wireless home networks do the same, though WPA2 with AES is preferred. Just my 2 cents. :-)