WPA cracked in 15 minutes or less, or your next router's free
They always knew it could be done; that a hacker with enough time and processing power could watch your WPA-protected wireless network and, eventually, decrypt your precious data. In under 15 minutes, though? "Inconceivable!" those hypothetical security experts would say -- but they're about to get a lesson from WiFi wizard Erik Tews. He'll be giving a presentation next week at the PacSec Conference in Tokyo, describing the "mathematical breakthrough" that, he says, enables him to crack WPA-TKIP in 12 to 15 minutes. There are some limitations, as the data sent from a connected device to the compromised router is apparently still safe, but anything headed t'other way is wide open, and could even be supplanted by bogus bits sent from a Cheetos-munching hacker slouching in a rusty Ford Taurus in the parking lot. Don't believe us? Tews was the guy able to crack WEP in under a minute last year, ironically advising people to switch to WPA ASAP at the time. We can only assume WPA2 is next.
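The attack described above targets TKIP, so the practical check for a defender is which cipher an access point actually advertises. The following is an added example, not code from the article or from Tews: it parses the RSN information element (IEEE 802.11 element ID 48) that a WPA2 beacon carries and flags any network offering TKIP as a negotiable pairwise or group cipher; the three IE byte strings are constructed by hand, and beacon capture itself is out of scope.

```python
"""Classify a Wi-Fi network's exposure to the WPA-TKIP attack from its
RSN information element body (the bytes after element ID and length)."""
import struct

SUITE_OUI = b"\x00\x0f\xac"          # IEEE 802.11i suite selector OUI
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
AKMS = {1: "802.1X", 2: "PSK"}


def _suite_list(data: bytes, pos: int, names: dict):
    """Read a little-endian 2-byte count followed by 4-byte suite selectors."""
    (count,) = struct.unpack_from("<H", data, pos)
    pos += 2
    out = []
    for _ in range(count):
        oui, kind = data[pos:pos + 3], data[pos + 3]
        out.append(names.get(kind, "unknown") if oui == SUITE_OUI else "vendor")
        pos += 4
    return out, pos


def parse_rsn_ie(body: bytes) -> dict:
    """Parse version, group cipher, pairwise cipher list and AKM list."""
    (version,) = struct.unpack_from("<H", body, 0)
    if version != 1:
        raise ValueError(f"unsupported RSN version {version}")
    group = CIPHERS.get(body[5], "unknown") if body[2:5] == SUITE_OUI else "vendor"
    pairwise, pos = _suite_list(body, 6, CIPHERS)
    akms, pos = _suite_list(body, pos, AKMS)
    return {"group": group, "pairwise": pairwise, "akm": akms}


def tkip_exposed(body: bytes) -> bool:
    """True if TKIP can be negotiated as pairwise or group cipher."""
    ie = parse_rsn_ie(body)
    return "TKIP" in ie["pairwise"] or ie["group"] == "TKIP"


# Constructed RSN IE bodies: version 1, group cipher, pairwise list, AKM list.
TKIP_PSK_IE = bytes.fromhex("0100" "000fac02" "0100" "000fac02" "0100" "000fac02")
CCMP_PSK_IE = bytes.fromhex("0100" "000fac04" "0100" "000fac04" "0100" "000fac02")
# "Mixed mode" as many home routers configure it: TKIP group key, CCMP or TKIP pairwise.
MIXED_IE = bytes.fromhex("0100" "000fac02" "0200" "000fac04" "000fac02" "0100" "000fac02")

if __name__ == "__main__":
    for name, ie in (("TKIP", TKIP_PSK_IE), ("CCMP", CCMP_PSK_IE), ("mixed", MIXED_IE)):
        print(name, parse_rsn_ie(ie), "exposed" if tkip_exposed(ie) else "not exposed")
```

A mixed-mode network still advertises TKIP, so it is reported as exposed even though a CCMP-capable client may negotiate AES for its own unicast traffic.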

What if you are using WPA2 with AES? Still crackable?
My impression from the article is that WPA2 and AES haven't been cracked yet.
I think that also means that WPA that uses AES is fine too.
AES appears to be really secure (its proper name is Rijndael), no one's yet managed to find a weakness in its method. The US government approves it for encrypting its classified documents, so don't fret too much.
That said, if a genius mathematician comes along and finds a sequence to predict prime numbers, we're all screwed as pretty much all encryption ciphers these days work on the product of prime numbers.
Not yet, but typically the problem is not so much with the algorithm itself, but the way it's implemented within a wireless network. Wireless is just inherently insecure.
Wait, isn't "What, me worry" the theme of Alfred E. Newman, the guy on the cover of Mad Magazine...? I think you (engadget) were attempting a "Cracked" reference, right?
And what Chinese program is that?
I can't pronounce the Chinese characters, but on the super, super, secret site he downloaded the prog from, they translate roughly as "The Temple of Grandiose & Ignorant Posturing." Or something like that. Chinese is really hard.
In the semi-country where I live, even WEP is overkill. Plus, my router won't reach further than my property anyway.
This entire topic is moot for most home users. More applicable to the business environment. No one is going to camp outside your house cracking your security to find out what is in your yahoo email or what your family tree has in it. People break security where there is money to be made and that is not USUALLY in the residential arena.
Sorta... When I go on vacation and I need an internet connection I have been known to drive around looking for an open WiFi connection, I can see people with WEP / WPA cracking tools doing the same thing but more maliciously.
@ Josh
Unless you're Sarah Palin!
>>He'll be giving a presentation next week at the PacSec Conference in Tokyo, describing the "mathematical breakthrough" that, he says, enables him to crack WPA-TKIP in 12 to 15 minutes.
>>enables him to crack WPA-TKIP in 12 to 15 minutes.
>>WPA-TKIP
>>TKIP
That's fine. Wake me up when he can crack WPA-AES.
OMG
I just hope this guy can publish this, so I can finally f**** my neighbour's wpa-tkip wifi. I must work from home lol
Looks like we'll all just have to start Quantum encrypting all our routers now...
Come on Physicists, get us a market solution!
p.s. I put quantum in capitals because it's just that cool a word.
Which leads to wireless routers packing more of a grunt, and in turn being hacked into actually doing something useful.
The problem with random 63 character passwords is that you are enforcing a "write it on a post-it note" policy. The point about announcing the length of the key is a valid one, but 64 factorial = a lot of brute forcing.
As usual the issue with the migration to WPA2 is that your older wireless devices may not support it. I am talking TiVos, phones and Nintendo DSs. You can set up two wireless networks if you have to....
I haven't played with the new code, it looks like the shared session secret is discovered, only individual TKIP sessions...? Maybe.
Man, it's time to change my password. When I originally had my router set up (WPA-AES) I gave it a 63 key but for some reason it wouldn't jive with my PS3 so I just changed it to "88888888". Someone is probably stealing my internetz right now.
Banana- Are you serious? MAC addy's? Must every term be abbreviated or have a nickname? I'll add that to the list with Sammy and Panny...
Folks, I don't think they are talking about cracking TKIP-PSK passphrases. Getting your hands on a passphrase will get you network access, but will NOT allow you to sit and monitor your neighbors' actual packets traveling the airwaves, those are still encrypted. What Tews seems to be suggesting is that he is able to easily crack encryption on outbound packets heading from a WAP to an associated client. This is a big step up from simply gaining network access, Tews can now packet sniff your encrypted data.
Death to script kiddies.
"Back in '82"
Geez, WEP and WPA-PSK have been cracked since 2004/2005. Why is this so much hype?
http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks
http://blogs.zdnet.com/Apple/?p=65
http://www.informit.com/articles/article.aspx?p=369221
JMan, read my post above yours. This isn't an announcement that Tews has found a way to steal the PSK passphrase ... he has actually cracked part of the encryption on individual link layer frames, so he can read the information traveling the radio waves and packet sniff them... that's much more significant than simply getting a passphrase. So instead of just getting free internet, malicious users could now sit and read your personal data you just sent in an email.