Skip to main content

WPA Encryption Cracked in One Minute

Two Japanese scientists, Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, plan to reveal how they can crack WPA encryption in sixty seconds at a technical conference taking place on September 25 in Hiroshima. PC Advisor said that the two scientists have designed an attack that gives hackers a way to read the encrypted traffic passed from PCs and certain routers that use WPA.

The method isn't new: security researchers revealed a way to break WPA encryption back in November. However, according to Dragos Ruiu, organizer of the PacSec security conference where the first WPA hack took place, the scientists have taken the supposed attack "to a new level," saying that they took theoretical information and made it "much more practical."

The previous attack method, developed by researchers Martin Beck and Erik Tews, took between 12 and 15 minutes to work on a smaller range of WPA devices. The PC advisor report also stated that both attacks only work on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. Fortunately, the attack does not work on WPA systems using Advanced Encryption Standard (AES) algorithm, or WPA 2 devices.

If this bit of news seems a little frightening, don't fret: many WPA routers allow users to switch from TKIP encryption to AES through the administration interface.

  • ssalim
    Gone in sixty seconds.
  • It irritates me how the nomenclature is often confused when it is so simple.

    WPA is often equated with TKIP and WPA2 with CCMP, but this is wrong...
    A wireless access point advertising WPA may offer TKIP or CCMP or both at the same time. The same is true with WPA2.

    TKIP is RC4 based.

    CCMP is AES based.

    How is this hard to understand or explain? And more importantly, and worse!, why do manufacturers get it wrong?
  • Shadow703793
    ssalimGone in sixty seconds.:lol: !
  • JohnnyLucky
    So is this about some sort of wireless access?
  • Lol.
  • Fuck da Japanese
    dey always krackin shit
  • Supertrek32
    No matter how secure you think it might be, never trust wireless networks for security. If it's sensitive data, just wait until you can plug into the wall. You never know, so if you're paranoid enough that you truely want all that encryption, just use good ol' ethernet cables.
  • pakardbell486dx2
    Sweet I can't wait tell they add this tool onto BackTrack
  • IzzyCraft
    Depends how much power they are using, people can use a ps3 to brute force wpa in that amount of time etc.
  • matt87_50
    hehe noobs and their out dated WPA, WPA2 FTW!! that will never be broken! ...right?