The Inquirer-Home

WPA data is gone in 60 seconds

Without any car chase
Thu Aug 27 2009, 10:23

JAPANESE BOFFINS took time out from fighting giant moths to work out how to break the WPA encryption system used in wireless routers in just sixty seconds.

Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University plan to tell the world plus dog how to do it at a technical conference set for September 25 in Hiroshima.

The attack gives hackers a way to read encrypted traffic sent between computers and certain types of routers that use the WPA or WiFi Protected Access encryption system.

It has been known that WPA could be broken for some months now, but these researchers have come up with a theoretical attack and made it practical.

An earlier attack technique, developed by researchers Martin Beck and Erik Tews, worked on a smaller range of WPA devices and took between 12 and 15 minutes.

Both attacks work on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm.

To be fair the WPA standard is a bit long in the tooth. It was designed as an interim encryption method as WiFi security was developing and has long since been superseded by WPA2. However there is still a fair bit of WPA with TKIP kit out there since 2006.

Newer WPA2 devices that use the stronger Advanced Encryption Standard (AES) algorithm remain safe for now. µ



Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Happy new year!

What tech are you most looking forward to in 2015