Thursday, November 06, 2008

The TKIP part of WPA has been cracked!!

UPDATE: Here are a few more details...
1) WEP is flawed
2) TKIP is (based on and) backward compatible with WEP, found to carry a similar flaw
3) Therefore, WPA inherits a WEP flaw if allowing TKIP communication

An attack currently depends upon:
1) TKIP used for client to AP
2) known IPv4 range (e.g. 192.168.0.X)
3) long re-keying interval (e.g. 3600 sec)
4) IEEE 802.11e QoS
5) client connected to the network

The authors offer a short re-key cycle as a workaround, which already is a best practice.


This is 'late' news, however, I felt it was important enough to share. The wireless security protocol WPA w/ TKIP has now been cracked. Researchers by the name of Erik Tews and Martin Beck were the ones to do the cracking, finding a way to break the temporary Key Integrity Protocol (TKIP) in under 15 minutes. They haven't, however, figured out how to gain access to the data that travels between the PC and the router, so that's a plus.

Of course, there are limitations: Apparently, the data sent from a connected device to the compromised router is still safe. But anything headed down the information highway in the opposite direction? Wide open.

So what should you do to secure your network? Switch to WPA2, which is still uncracked for the time being.

The other option if you must use WPA for your xBox or other wireless devices that don't allow WPA2, is to use WPA with the option of using AES instead of TKIP option.

For me personally, however, it better to just accept the fact that NO network traffic is totally safe. Your best defense is to be wise about WHAT you enter and WHERE you enter it on the internet.



Get the latest 'geek' post via RSS...

Subscribe below for email updates...

Enter your email address:

Delivered by FeedBurner

/* Extra Links ----------------------------------------------- */