backtop


Print 52 comment(s) - last by glennpratt.. on Dec 4 at 1:15 AM

Bring your laptop, leave your dictionary

A pair of security researchers claim to have partially cracked WPA encryption, with an attack that takes around 15 minutes.

The technique relies on an undisclosed “mathematical breakthrough,” say researchers Erik Tews and Martin Beck, and breaks the Temporal Key Integrity Protocol (TKIP) key used to encrypt data between a wireless router and its clients. Currently, the attack works only one way: data traveling from the access point to its clients is vulnerable, while data traveling in the opposite direction is not.

The only other known, effective attack against a WPA connection relies on computationally-intensive dictionary attacks, which involves testing wireless data against an extremely large list of educated guesses until one of them successfully decrypts the data in question.

Tews and Beck’s attack lowers these requirements considerably, allowing anyone with the knowledge, a laptop, and 15 minutes of time the ability to listen in on one side of a WPA-encrypted wireless connection.

CNet notes that Tews is no stranger to wireless hacking, as he also co-authored a 2007 paper (PDF) discussing how to crack a 104-bit WEP key in 60 seconds.

The duo will reveal their findings at next week’s Tokyo, Japan-based PacSec security conference in a presentation titled, “Gone in 900 Seconds, Some Crypto Issues with WPA”.

According to PC World, some of the pair’s research already is already appearing in wireless security tools.

Companies and internet users looking to keep their wireless networks secure will have to upgrade to WPA2 now, says PacSec organizer Dragos Ruiu.

“Everybody has been saying, 'Go to WPA because WEP is broken,'” he said. “This is a break in WPA.”

While it is too early to tell how the WPA attack will be exploited by criminal organizations, many companies are still in the process of transitioning to WPA from weaker standards like WEP, or no encryption at all. Hackers hit one such company, T.J. Maxx, in January 2007 from secured WEP access points; they ran off with one of the largest credit-card hauls in history and caused more than $200 million in damage.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Best encription?
By gamefreak32 on 11/7/2008 10:09:12 AM , Rating: 2
quote:
1. For the moment, use WPA2-AES as it hasn't yet been broken.


That is not true. A company has been using 2 GTX280s with CUDA to crack WPA2. If you have the money, you can buy the software for $600.

http://www.engadget.com/2008/10/13/elcomsoft-uses-...


RE: Best encription?
By omnicronx on 11/7/2008 10:28:46 AM , Rating: 2
Don't always believe what you hear, these passwords being broken here were 6 to 8 characters in length, which regarldess of encryption only have so many password possibilities. With a 15+ charactor password, Even when you consider that the cuda was processing with a 100x speed increase, its still sitting at around 100 million passwords per second. Well a 15+ character key (with random charactors including upper and lower case) has a hell of a lot more possiblities than that, brute force would still be a gigantic number, probably in the billions of years to crack via brute force.

In fact a 15-20 digit key with TKIP will be next to impossible to crack, even with the breakthrough this article mentions.


RE: Best encription?
By AnnihilatorX on 11/7/2008 10:33:24 AM , Rating: 2
Not to mention you can have password containing symbols like !,#,&
That's what I had been using. Long password + numerics + capitals + symbols.


RE: Best encription?
By gramboh on 11/7/2008 1:21:24 PM , Rating: 2
Yep, just use a 64 char random character key with all of the above, pretty much impossible to brutal force. Kind of a pain to type in on a device you can't easily copy-paste from (e.g. iPhone) but I find I am rarely typing in the key.


RE: Best encription?
By drebo on 11/7/2008 1:45:56 PM , Rating: 2
What the engaget article doesn't say is that they had 20 of those dual GTX280 machines in a compute cluster which allowed them to break WPA in a month instead of years.

WPA is not functionally crackable.


"This week I got an iPhone. This weekend I got four chargers so I can keep it charged everywhere I go and a land line so I can actually make phone calls." -- Facebook CEO Mark Zuckerberg

Related Articles













botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki