Always remember: infallible encryption doesn’t exist.
Wired Equivalent Privacy (WEP), first introduced in 1997, was the first most popular wireless network encryption until four years later, when analysts discovered several weaknesses in the now deprecated system.
In 2003, two years after the first WEP security breaches were uncovered, the Wi-Fi Alliance declared Wi-Fi Protected Access (WPA) the new standard for wireless security encryption. The first version of WPA utilized the Temporal Key Integrity Protocol (TKIP) and the powerful protocol could conveniently be implemented on older devices through a firmware upgrade.
Now, as its predecessor did less than a decade ago, it looks like even WPA encryption with TKIP is cracking at the seams.
After two researchers revealed last November a limited attack on WPA that can take up to fifteen minutes to implement, two Japanese computer scientists say they’ve developed a new attack method that cracks the protocol and breaks into private connections in under a minute. The methodology of the attack was first introduced in a paper at the 2009 Joint Workshop on Information Security in Taiwan at the beginning of August. The two researchers, Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, are to discuss their findings at a conference in Hiroshima in late September.
According to the paper’s abstract, the scientists “propose a practical message falsification attack on any WPA implementation. […] The execution time of [their] attack becomes about one minute in the best case.”
Fortunately, the Wi-Fi Alliance, which owns the trademark to Wi-Fi, has required since 2006 that Wi-Fi-certified products support WPA 2, a much more powerful encryption system than WEP and even WPA with TKIP. Most enterprise Wi-Fi networks already have defenses against this new attack (and the older one from last year), but regular users are strongly encouraged to upgrade their WPA with TKIP or WEP security settings to WPA with AES, which is currently considered the best available wireless encryption system.
New attack breaks Wi-Fi security in a minute
Cracked last year, WPA encryption--the standard Wi-Fi security--now crackable in under a minute
Technology trends and news by Ronny Kerr
August 27, 2009 |
Comments (1)
Short URL: http://vator.tv/n/a43
Related news
Mozilla Labs launches TestSwarm
Web developers encouraged to use the swarm for multiple browser JavaScript testing
Technology trends and news by Ronny Kerr
Facebook to increase staff by 50%
CEO Mark Zuckerberg looking to hire widely for site expansion
Technology trends and news by Ronny Kerr
Comment
Find your friends' startup new!
Vator is more valuable if you know who's here.
Discover who has a startup and help their success by following their progress!
Discover who has a startup and help their success by following their progress!
VatorNews Featured Stories
Latest company news bites on Vator
BlazeMeter -
Alon Girmonsky
(CEO & Founder)
Cognitive Code Corporation -
Mimi Chen
(Co-Founder and President)
Kiip was featured in a VatorNews article: "A list of top LA accelerators and incubators" at 08:48am May 17
Amplify, Launchpad, MuckerLab, Idealab and Science among those churning out new startups
– See more
BetterWorks was featured in a VatorNews article: "A list of top LA accelerators and incubators" at 08:48am May 17
Amplify, Launchpad, MuckerLab, Idealab and Science among those churning out new startups
– See more
DogVacay.com was featured in a VatorNews article: "A list of top LA accelerators and incubators" at 08:48am May 17
Amplify, Launchpad, MuckerLab, Idealab and Science among those churning out new startups
– See more
Ronny,
Good article, but there is a better available Wireless encryption available that also provides LAN encryption but it is not very well known, see: http://www.wirelesswall.com/ and http://tlc-chamonix.com/wwall/products/wirelesswall-datasheet-cranite.pdf