Login    Forum    Search    FAQ

Board index » Upgrading and Repairing Forum » Network Hardware & Configuration




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: Tool to Crack Wi-Fi's WPA Will Appear This Week
 Post Posted: Tue Nov 11, 2008 3:00 pm 
Offline

Joined: Sun Jul 20, 2008 10:50 am
Posts: 508
Location: Phoenix, AZ, USA
Tool to Crack Wi-Fi's WPA Will Appear This Week

Make sure you are using AES -- which you should be doing anyway, if your wifi accepts it. WPA2 even better if your equipment supports it. Update your firmware.


Top 
 Profile  
Reply with quote  
 Post subject: Re: Tool to Crack Wi-Fi's WPA Will Appear This Week
 Post Posted: Tue Nov 11, 2008 3:53 pm 
Online
Site Admin

Joined: Sun Feb 04, 2007 11:44 am
Posts: 5754
While important, I do believe This "crack" has been somewhat overstated, as even with this exploit, WPA with TKIP will still protect your network: Battered, but not broken: understanding the WPA crack

Quote:
Don't hyperventilate yet; you're (mostly) safe

Now let's back up a little. The early coverage of this crack indicated that TKIP keys were broken. They are not. "We only have a single keystream; we do not recover the keys used for encryption in generating the keystream," Tews said.

To describe the attack succinctly, it's a method of decrypting and arbitrarily and successfully re-encrypting and re-injecting short packets on networks that have devices using TKIP. That's a very critical distinction; this is a serious attack, and the first real flaw in TKIP that's been found and exploited. But it's still a subset of a true key crack.

Tews pointed out that "if you used security features just for preventing other people from using your bandwidth, you are perfectly safe," which is the case for most home users. Someone can't use this attack to break into a home or corporate network, nor decipher all the data that passes.

If a network uses AES, it's immune to this attack, and many corporate and high-security networks settled on AES when it became feasible a couple of years ago in order to avoid any lingering problems with TKIP that might eventually rear their heads.

So let's not get our underwear all up in a bundle or start yelling "fire" in crowded theaters just yet. <g>

BTW, note that as far as I can tell, WPA with AES *is* WPA2. When WPA was first introduced, TKIP was used because it was backwards compatible with existing and older hardware. AES was also introduced, which could be utilized by newer hardware, and the alliance created the WPA2 certification for which AES was required.

Bottom line: You should definitely be using some form of WPA security on your wireless networks, and if possible use AES encryption instead of TKIP. However, even if you are using WPA/WPA2 with TKIP, it seems that your network should *still* be safe from the neighborhood hacker kid with his Cantenna, at least for now... <g>

Scott.


Top 
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
 
Post new topic Reply to topic  [ 2 posts ] 

Board index » Upgrading and Repairing Forum » Network Hardware & Configuration


Who is online

Users browsing this forum: No registered users and 1 guest

 
 

 
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to: