Erik Tews of the Technical University of Darmstadt in Germany and fellow German security researcher Martin Beck discovered that an attacker can decrypt packets from a WPA-protected network and inject packets into it, Tews told SCMagazineUS.com on Thursday in an email. Tews said Beck had the initial idea at the end of 2007, but it took them some time to develop it.
The vulnerability lies in the Temporal Key Integrity Protocol (TKIP), a wrapper around Wired Equivalent Privacy (WEP) that was itself introduced as a fix after WEP was originally cracked.
A similar attack on WEP encryption, called chopchop, can be modified to work against TKIP. Using it, the two researchers were able to decrypt packets at a rate of one byte per minute, Tews said.
Tews said the vulnerability could in theory be exploited by an attacker, but it is not as effective as the attacks on WEP encryption.
Though they were able to break part of WPA's encryption, Tews said the technique is not a complete key recovery attack: it does not recover the PSK (pre-shared key), only the temporal keys the network is using. It would also not be suitable for stealing bandwidth on a wireless network, he said.
Tews will discuss their findings at the PacSec conference in Tokyo next week. The researchers plan to post more information about the vulnerability on the aircrack-ng wiki after the conference.
Does this signal the imminent demise of WPA? Not necessarily. WPA is still effective if the network is configured as an AES-CCMP-only network, Tews said.
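The practical defensive takeaway from Tews' last point is to check whether an access point still offers TKIP at all. The following audit script is an added example, not code from the article or from the researchers: it parses a hostapd-style configuration (the real hostapd keys `wpa`, `wpa_pairwise` and `rsn_pairwise` are used, with hostapd's documented defaults assumed) and reports whether the network is AES-CCMP-only. The two configurations embedded in it are constructed samples, one mixed-mode network that still negotiates TKIP and one hardened WPA2 network.

```python
"""Audit a hostapd configuration for TKIP, the cipher targeted by the
Beck-Tews attack, and report whether the network is AES-CCMP-only.

Added example, not from the original article. The keys wpa, wpa_pairwise
and rsn_pairwise are real hostapd options; the two sample configurations
below are constructed for illustration (the passphrase is a placeholder).
"""

# Constructed sample: mixed WPA/WPA2 network that still offers TKIP.
WEAK_CONF = """\
interface=wlan0
ssid=example-net
wpa=3
wpa_pairwise=TKIP CCMP
rsn_pairwise=TKIP CCMP
wpa_passphrase=placeholder-passphrase
"""

# Constructed sample: WPA2 only, AES-CCMP as the sole pairwise cipher.
HARDENED_CONF = """\
interface=wlan0
ssid=example-net
wpa=2
rsn_pairwise=CCMP
wpa_passphrase=placeholder-passphrase
"""


def parse_hostapd(text):
    """Return a dict of key -> value, skipping comments and blank lines."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        conf[key.strip()] = value.strip()
    return conf


def offered_ciphers(conf):
    """Collect every pairwise cipher the AP would negotiate.

    hostapd's 'wpa' value is a bitmask: bit 1 enables WPA (version 1),
    which uses wpa_pairwise (default TKIP); bit 2 enables WPA2/RSN, which
    uses rsn_pairwise (defaulting to the wpa_pairwise value).
    """
    wpa = int(conf.get("wpa", "0"))
    wpa_pairwise = conf.get("wpa_pairwise", "TKIP").split()
    ciphers = set()
    if wpa & 1:
        ciphers.update(wpa_pairwise)
    if wpa & 2:
        ciphers.update(conf.get("rsn_pairwise", " ".join(wpa_pairwise)).split())
    return ciphers


def audit(text):
    """Return (is_ccmp_only, findings) for a hostapd configuration text."""
    conf = parse_hostapd(text)
    ciphers = offered_ciphers(conf)
    findings = []
    if not ciphers:
        findings.append("no WPA/WPA2 enabled (open or WEP network)")
    if "TKIP" in ciphers:
        findings.append("TKIP offered: exposed to Beck-Tews packet decryption and injection")
    if int(conf.get("wpa", "0")) & 1:
        findings.append("WPA version 1 enabled: remove it so only WPA2/RSN is negotiable")
    return ciphers == {"CCMP"}, findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        ok, findings = audit(text)
        print(f"{name}: {'AES-CCMP only' if ok else 'NOT CCMP-only'}")
        for finding in findings:
            print("  -", finding)
```

Run against a real `hostapd.conf`, the script flags any configuration that lets clients fall back to TKIP; the fix is the shape of `HARDENED_CONF`: `wpa=2` with `rsn_pairwise=CCMP` and no TKIP anywhere in the cipher lists.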
See original article on scmagazineus.com