Wireless Communications

Researchers have found a method of cracking a key encryption feature used in securing wireless systems that doesn't require trying a large number of possibilities. Details will be discussed at the sixth annual PacSec conference in Tokyo next week. According to PCWorld, researchers Erik Tews and Martin Beck have found a way to crack the Temporal Key Integrity Protocol (TKIP) key, used by Wi-Fi Protected Access (WPA). Moreover, they can do so in about 15 minutes. The crack apparently only works for data aimed at a Wi-Fi adapter; they have not cracked the encryption keys used to secure data that goes from the PC to the router TKIP has been known to be vulnerable when using a high volume of educated guesses, or what's called a dictionary attack. The methods to be described by Tews and Beck do not use a dictionary attack. Apparently their attack uses a flood of data from the WPA router combined with a mathematical trick that cracks the encryption. Some elements of the crack have alr

It is a tool created by Martin Beck aka hirte, a member of aircrack-ng team. This tool is able to inject a few frames in a WPA TKIP network with QoS. He worked a few weeks ago with Erik Tews (who created PTW attack) for a conference in PacSec 2008: “Gone in 900 Seconds, Some Crypto Issues with WPA”.

When it came to setting up Wi-Fi networks, if you knew what you were doing you would enable WPA security. This would keep people with a small amount of knowledge from gaining access to your network, which is very easy with the much weaker WEP security. No more! WPA security has now been cracked, rendering all but the most tightly-locked networks open for hacking. Researchers by the name of Erik Tews and Martin Beck were the ones to do the cracking, finding a way to break the temporary Key Integrity Protocol (TKIP) in under 15 minutes. They haven't, however, figured out how to gain access to the data that travels between the PC and the router, so that's a plus. So what should you do to secure your network? Switch to WPA2, which is still uncracked for the time being. And if you want to be one of those marginally-skilled Wi-Fi hackers? Grab the Aircrack-ng Linux program, which has already had this new code added to it. via gizmodo.com

WEP Wi-Fi security has been known as an easy-to-crack security protocol for a while now, which is why it was superseded by the more secure Wi-Fi Protected Access (WPA) standard. But now a PhD candidate studying encryption has found an exploit in the WPA standard that would allow a hacker to "send bogus data to an unsuspecting WiFi client," completely compromising your Wi-Fi security and opening your network to all sorts of hacking. Lucky for you, it's not terribly difficult to protect yourself against the new exploit. The key: Just log into your router, switch off Temporal Key Integrity Protocol (TKIP) as an encryption mode, and use Advanced Encryption System (AES) only. TKIP is the only protocol that the hack applies to, so switching to AES-only will ensure that your Wi-Fi network is safe again. It's quick and easy, so do yourself a favor and make the adjustment now so you don't run into any problems in the future. via lifehacker.com