WPA encryption cracked in one minute

Thu Aug 27, 2009 1:43PM EDT

See Comments (35)

The second generation of Wi-Fi security systems has now been broken as badly as its notoriously insecure predecessor: Japanese researchers say they can crack WPA (Wi-Fi Protected Access), the successor to the old-school WEP, inside of a minute's time spent eavesdropping on a wireless network.

Details on the mechanics of the attack are set to be announced next month at a computer conference, but it's tentatively described as taking to "a new level" the previous method by which WPA had been roughly compromised, adapting previously theoretical holes in the WPA system and turning them into practical attack techniques.

The previous method of attacking WPA devices took up to 15 minutes to be successful, and didn't always work. The new method is said to work on far more devices and, obviously, much more quickly. However, as with the old attack, the new one only works on WPA devices that use the TKIP (Temporal Key Integrity Protocol) algorithm, which is a setting in your router and device setup.

WPA devices that use the newer AES (Advanced Encryption Standard) algorithm, plus devices that use WPA2 -- the third generation of wireless security standards -- are still safe for now.

However, this does mean that it won't be long before this attack technique trickles out into software that malicious hackers can use to invade WPA networks. With access to your wireless network, a hacker can potentially eavesdrop on any traffic sent, access shared folders on computers attached to the network, and of course send and receive data (like illegal file sharing or even child pornography) which could then be blamed on you.

To protect yourself, upgrade the security settings on your devices to WPA2 if they all support the standard. Alternately, you can upgrade any WPA device from TKIP security to AES. Check in your router administration console and on your computer for and where how to do this.

Comments on WPA encryption cracked in one minute

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 1 Posted by tool4scs on Thu Aug 27, 2009 5:54PM EDT Report Abuse

    I use a program called HomeNet Manager (http://www.homenetmanager.com) that has network security built into it. It is like another layer on top of wireless encryption. Simple to use, just click Secure my Network and that is all there is to it. I was curious as to if it really worked so before I installed it, I disconnected my laptop, then proceeded to install the software, turned on the Network Security feature, then tried to connect to my wireless network, no such luck. I was overly impressed with the software. What a piece of mind.

  • 2 Posted by nighteye19 on Thu Aug 27, 2009 6:08PM EDT Report Abuse

    I notice WPA2 having too much overhead and causing too much CPU usage, which causes some of my CPU intense games to get internet lag when using WPA2 vs. WPA.

  • 3 Posted by isellart44 on Thu Aug 27, 2009 6:22PM EDT Report Abuse

    Soooo, now could you repeat that in non geek-speak for all of us wee brains? Thanks

  • 4 Posted by penny07960 on Thu Aug 27, 2009 6:30PM EDT Report Abuse

    I have no idea what Bret, a.k.a. "tool4scs", is saying. Did it work? Or not? When you say "I was overly impressed with X" the implication was that the product did NOT meet your expectations. And I suspect that you meant to say it gave you "peace of mind", which might imply that it worked, not "a piece of mind", which you might give the vendor if it did not. - penny

  • 5 Posted by alaskamom_99 on Thu Aug 27, 2009 6:36PM EDT Report Abuse

    Cracking systems across the globe has to do with speed of the internet and processors as well. The US lies 28th in the world for internet speed, while South Korea is at the top followed by Taiwan, Japan, and Sri Lanka. If our system is so slow, no wonder breaking into our banking systems and stealing credit card info is such a breeze. How can we fight back with one hand tied behind our backs? http://article.wn.com/view/2009/08/25/US_is_15_years_behind_South_Korea_in_internet_speed_w/

More Posts: First Prev 1 2 3 Next Last

Post a Comment

Sign In to Post a Comment

My Tech

Please enable your browser's cookies to activate the My Tech column.

Also on Yahoo! Tech

Computers Home Office Wi-Fi & Networking Phones & PDAs Cameras & Camcorders TV & Home Theater Portable Audio
 

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.