While important, I do believe This "crack" has been somewhat overstated, as even with this exploit, WPA with TKIP will still protect your network:
Battered, but not broken: understanding the WPA crackQuote:
Don't hyperventilate yet; you're (mostly) safe
Now let's back up a little. The early coverage of this crack indicated that TKIP keys were broken. They are not. "We only have a single keystream; we do not recover the keys used for encryption in generating the keystream," Tews said.
To describe the attack succinctly, it's a method of decrypting and arbitrarily and successfully re-encrypting and re-injecting short packets on networks that have devices using TKIP. That's a very critical distinction; this is a serious attack, and the first real flaw in TKIP that's been found and exploited. But it's still a subset of a true key crack.
Tews pointed out that "if you used security features just for preventing other people from using your bandwidth, you are perfectly safe," which is the case for most home users. Someone can't use this attack to break into a home or corporate network, nor decipher all the data that passes.
If a network uses AES, it's immune to this attack, and many corporate and high-security networks settled on AES when it became feasible a couple of years ago in order to avoid any lingering problems with TKIP that might eventually rear their heads.
So let's not get our underwear all up in a bundle or start yelling "fire" in crowded theaters just yet. <g>
BTW, note that as far as I can tell, WPA with AES *is* WPA2. When WPA was first introduced, TKIP was used because it was backwards compatible with existing and older hardware. AES was also introduced, which could be utilized by newer hardware, and the alliance created the WPA2 certification for which AES was required.
Bottom line: You should definitely be using some form of WPA security on your wireless networks, and if possible use AES encryption instead of TKIP. However, even if you are using WPA/WPA2 with TKIP, it seems that your network should *still* be safe from the neighborhood hacker kid with his
Cantenna, at least for now... <g>
Scott.
