Cracked in 60 Seconds: WPA Falls
WPA Busted Like a Cheap Toy
It's been known for years that the Wired Equivalent Privacy or WEP protocol is easily broken, and that to be secure, wireless networks should use the more powerful protocol called Wi-Fi Protected Access, or WPA.
WPA's viability has been in doubt since late 2008, when security researchers Martin Beck and Erik Tews demonstrated the ability to break the Temporal Key Integrity Protocol (TKIP) that provides WPA security within 15 minutes.
Now, Researchers Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University said they've improved on that. The pair has already discussed their findings in a paper presented at the Joint Workshop on Information Security held in Taiwan earlier this month and will discuss it again at a Sept. 25 event in Hiroshima.
Both the Beck-Tews and Ohigashi-Morii attacks work on only the TKIP algorithm. They do not work on newer WPA2 devices or on WPA systems that use the much stronger Advanced Encryption Standard (AES) algorithm, which is a triple key encryption method.
John Girard, vice president and distinguished analyst in Gartner's Info Security and Privacy Research Center, said the industry shouldn't be using WPA with TKIP anyway.
"WPA was never intended to be a long-term solution. It was an interim method to give people some relief while waiting for WPA2. The advice is migrate to WPA2 Enterprise now," he told InternetNews.com in an e-mail.
Wi-Fi-certified products like routers have had to support WPA2 since March 2006. Security settings for home wireless routers can be changed to WPA2 and/or AES encryption simply by connecting to the router through a Web browser and modifying the security settings in the administrative console.
Article courtesy of InternetNews.com
Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.
- 1Linux Top 3: Linus Lashes out, Linux 3.14 Gets PIE and Ubuntu One is Done.
- 2Linux Top 3: Ubuntu 14.04, Debian Gives Squeeze More Life and Red Hat Goes Atomic
- 3Linux Top 3: CoreOS, Oracle Enterprise Linux 7 and Ubuntu 14.10
- 4Linux Top 3: Debian Dumps SPARC, Ubuntu Takes Over Linux 3.13 and the Core Infrastructure Initiative
- 5Linux Top 3: Fedora, Ubuntu and Gluster Lose Community Leaders