New attack cracks WPA Wi-Fi encryption in just a minute

By on August 27, 2009, 1:09 PM
Encryption systems used by wireless routers have had a long history of security problems. The Wired Equivalent Privacy (WEP) system was cracked and rendered effectively pointless within a few years of its introduction in 1997. Now, it looks like its WPA successor may soon suffer the same fate, with a pair of Japanese researchers developing a way to break it in just one minute.

The attack builds on the so-called "Beck-Tews method" unveiled last year by researchers Martin Beck and Erik Tews. However, that method worked on a smaller range of WPA devices and took between 12 and 15 minutes to carry out. Both attacks work on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. They aren't key-recovery attacks, but they give hackers a way to read encrypted traffic sent between computers and certain types of routers that use the outdated encryption system.

The Wi-Fi Alliance has required since 2006 that Wi-Fi-certified products support WPA2, a much more powerful encryption system that is not vulnerable to these attacks, but users have been slow to upgrade.
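An added example (not from the article or the researchers' paper): because both attacks depend on TKIP being in use, a defender can check which ciphers their own access point actually advertises. This sketch parses the WPA and RSN (WPA2) information elements from a beacon's tagged parameters and lists every place TKIP is offered, including mixed WPA/WPA2 mode; the function names are illustrative and the sample bytes are constructed.

```python
SUITE_OUIS = (bytes.fromhex("000fac"), bytes.fromhex("0050f2"))  # RSN, WPA
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}      # suite type byte

def cipher_name(suite):
    return CIPHERS.get(suite[3], "other") if suite[:3] in SUITE_OUIS else "vendor"

def parse_suites(body):
    """Version, group cipher and pairwise list: same layout in WPA and RSN."""
    if len(body) < 8:
        raise ValueError("truncated security element")
    version = int.from_bytes(body[0:2], "little")
    count = int.from_bytes(body[6:8], "little")
    if version != 1 or len(body) < 8 + 4 * count:
        raise ValueError("unsupported version or truncated pairwise list")
    pairwise = [cipher_name(body[i:i + 4]) for i in range(8, 8 + 4 * count, 4)]
    return {"group": cipher_name(body[2:6]), "pairwise": pairwise}

def security_ies(ies):
    """Walk a beacon's tag/length/value elements; keep the WPA and RSN ones."""
    found, pos = {}, 0
    while pos + 2 <= len(ies):
        tag, length = ies[pos], ies[pos + 1]
        body = ies[pos + 2:pos + 2 + length]
        if len(body) < length:
            raise ValueError("element overruns the frame")
        if tag == 48:                                    # RSN element (WPA2)
            found["WPA2"] = parse_suites(body)
        elif tag == 221 and body[:4] == bytes.fromhex("0050f201"):  # vendor WPA element
            found["WPA"] = parse_suites(body[4:])
        pos += 2 + length
    return found

def tkip_findings(ies):
    """Sorted 'protocol/role' labels for every place TKIP is advertised."""
    hits = set()
    for proto, suites in security_ies(ies).items():
        if suites["group"] == "TKIP":
            hits.add(proto + "/group")
        if "TKIP" in suites["pairwise"]:
            hits.add(proto + "/pairwise")
    return sorted(hits)

# Constructed sample elements, not captured traffic: SSID "home", then WPA and/or RSN.
MIXED = bytes.fromhex("00 04 68 6f 6d 65"
                      " dd 16 0050f201 0100 0050f202 0100 0050f202 0100 0050f202"
                      " 30 14 0100 000fac02 0100 000fac04 0100 000fac02 0000")
WPA2_ONLY = bytes.fromhex("00 04 68 6f 6d 65 30 14 0100 000fac04 0100 000fac04 0100 000fac02 0000")
if __name__ == "__main__":
    print("mixed:", tkip_findings(MIXED), "WPA2 only:", tkip_findings(WPA2_ONLY))
```

In the mixed-mode sample, TKIP shows up as the WPA2 group cipher even though the WPA2 pairwise cipher is CCMP, which is why a mixed configuration still leaves TKIP on the air.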

The two researchers, Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, are to discuss their findings at a conference in Hiroshima this September 25, but you can read some details now in their paper, "A Practical Message Falsification Attack on WPA" (PDF).

User Comments: 9

strategic, TechSpot Paladin, said:

As the saying goes...

"if there's a way to make it, there's a way to break it"

Phantasm66 said:

Oh this is big this really is!!! Aircrack can already crack WEP in little or no time if you know what you are doing but WPA has been a no-no. Now this changes everything.

Darth Shiv said:

This is old news... TKIP was already compromised in the sense that hackers have been able to read the traffic (as per this article). The only new part is they can do it faster now. 1 minute vs an hour - really who cares? WPA TKIP has been broken for ages.

FYI November 2008

Jos said:

Yes Darth Shiv, we covered that story back in November and it's linked here as well

"The attack builds on the so-called "Beck-Tews method" unveiled last year by researchers Martin Beck and Erik Tews..."

Phantasm66 said:

Darth Shiv said:

1 minute vs an hour - really who cares?

Are you serious? Try actually DOING it on a regular basis and answer that question. One minute is a quantum leap away from an hour.

Guest said:

"The world's first Locksmith was the lover of the wife of a Knight who put the first Chastity belt on her before going off on a crusade".

"If Man can make it, it's already been done & some other Man will break it (again) in 10% of the time it took to invent it".

"Locks are only good for keeping honest people honest. If someone wants to get into something enough, they will, given enough time".

The prisons on both Alcatraz and Devil's Island were said to be impossible to escape from, until (eventually), someone escaped from each (and survived).

The best example:

A couple of "1%" Bikers I used to know once told me: "Our bikes are theft-proof";

I asked how they could be so sure, and one opened the garage;

I found myself looking down the barrel of a pump-action shotgun being held by another "1%" Biker who was living in the garage, & who also slept ON the bikes.

I conceded that they had indeed found the most effective "Security System" I'd ever seen.

(The hard part is having an empty garage, & finding a "1% Biker" who likes you, AND who needs a place to stay, and who you can trust!).

(And my favorite, for this day & age: "Where there's a Will, there's a Lawyer; For everything else, someone's already figured it out").


"The Hippie",

(w/Thanks to "Wizard" & "Snake" for not blowing my fool head off when I asked about their "Motorcycle Security System").

tengeta said:

TKIP was broken a year or possibly two ago...

I don't get this. Don't use TKIP or mix your encryption, bam.

Darth Shiv said:

Are you serious? Try actually DOING it on a regular basis and answer that question. One minute is a quantum leap away from an hour.

No it isn't... simply moving from CPU to GPGPU makes a 100x increase in processing for many applications. A botnet of 100,000 computers gives you... wait for it... 100,000 times more processing power. 60->1 is trivial when it is already broken.

Making WPA2 crackable in many orders of magnitude less time would be significant.

Dissenter said:

I know I'm a bit late to the party, but if I may add the following to the discussion.

I had, YES, had implemented WPA2 security on my N-Draft router. Everything was fine on my home network UNTIL I went to download updates for my Xbox 360. Yea...the Xbox has issues with WPA2 when trying to connect through my router. Well, I had to go back and reset the router to WPA.

Does anyone know if there has been a fix released for this bug in the Xbox 360?

