Member Sign In
Not a member?

A Wired.com user account lets you create, edit and comment on Webmonkey articles. You will also be able to contribute to the Wired How-To Wiki and comment on news stories at Wired.com.


It's fast and free.

Sign in with OpenID
Sign In
Webmonkey is a property of Wired Digital.
processing...
Join Webmonkey
Please send me occasional e-mail updates about new features and special offers from Wired/Webmonkey.
Yes No
Please send occasional e-mail offers from Wired/Webmonkey affiliated web sites and publications, and carefully selected companies.
Yes No
I understand and agree that registration on or use of this site constitutes agreement to Webmonkey's User Agreement and Privacy Policy.
Webmonkey is a property of Wired Digital.
processing...

Retrieve Sign In

Please enter your e-mail address or username below. Your username and password will be sent to the e-mail address you provided us.

or
Webmonkey is a property of Wired Digital.
processing...

Welcome to Webmonkey

A private profile page has been created for you.
As a member of Webmonkey, you can now:
  • edit articles
  • add to the code library
  • design and write a tutorial
  • comment on any Webmonkey article
Close
Webmonkey is a property of Wired Digital.

Sign In Information Sent

An e-mail has been sent to the e-mail address registered in this account.
If you cannot find it in your in-box, please check your bulk or junk folders.
Sign In
Webmonkey is a property of Wired Digital.

Popular WPA Wifi Security Scheme Cracked Open

By Scott Gilbertson November 6, 2008 Categories: Mobile, Software & Tools

wifi routerJust when you thought it was safe to go back in the water: a pair of researchers have announced a serious flaw in the WPA wifi encryption scheme, which was designed to keep your wireless traffic hidden from prying eyes.

Security researchers Erik Tews and Martin Beck have discovered a way to help those eyes pry a bit further into your traffic using a much faster means of break the Temporal Key Integrity Protocol (TKIP) key used by WPA. TKIP has long been vulnerable to dictionary attacks, but dictionary attacks take a long time. The method used by Tews and Beck takes a mere 15 minutes.

The good news is that Tews and Beck so far have not managed to crack the encryption keys. But since security-minded folks like Webmonkey readers probably long ago ditched WEP (an older wifi encryption scheme cracked years ago) in favor of WPA — thinking it was the secure alternative — this attack has some widespread implications.

On the bright side, the attack reportedly does not work with WPA2, which uses a different key protocol to encrypt traffic. If you’re worried, upgrade your router to support WPA2 (in a couple of years we’ll probably be telling you about a flaw in WPA2, but for now anyway).

The details of the Tews and Beck’ findings will be made public at next week’s PacSec conference in Tokyo.

[via Computer World]

See Also:

Tags: security
Post Comment Comments Permalink Print
Reddit Digg
 
Subscribe now

Special Offer For Webmonkey Users

WIRED magazine:
The first word on how technology is changing our world.

Subscribe for just $10 a year