
New Improvements On the Attacks On WPA/TKIP

olahau writes "Two weeks ago, improvements to the previously reported attack on WPA/TKIP were presented at the NorSec Conference in Oslo, Norway. In their paper coined 'An Improved Attack on TKIP,' Finn Michael Halvorsen and Olav Haugen describe the improvements, which enable an attacker to inject larger, maliciously crafted packets into a WPA/TKIP protected network, thus opening the probabilities for new and more sophisticated attacks against the well-established wireless security protocol."

  • by Lord Ender ( 156273 ) on Thursday October 29, 2009 @03:58PM (#29915263) Homepage

    Why did they invent a (well, multiple) new encryption algorithm(s) for WiFi? Any competent security specialist will tell you that using an established encryption algorithm is always the wise choice. Did the people behind WiFi simply lack competence? Not Invented Here?

  • by Anonymous Coward on Thursday October 29, 2009 @04:05PM (#29915373)

    WEP is better? Has it always been better?

    Sure, keep using WEP. 128-bit WEP takes a very long time to break. Somewhere on the order of 15-30 minutes, in my experience.

  • by tecker ( 793737 ) on Thursday October 29, 2009 @04:23PM (#29915687) Homepage
    Well. This attack is used on the less robust TKIP protocol. AES is much stronger. Here is the breakdown (from my memory weakest to strongest):
    1. WEP
    2. WPA/TKIP
    3. WPA/AES
    4. WPA2/TKIP
    5. WPA2/AES

    WEP came first. It was one of those "oh we need security" bits. It's about what you would have on a wired network. Yea, no, not really. Broadcast != Hardwire so that quickly began being broken. Collisions were found. Time for something stronger.

    WPA came next but it was a bit advanced and all of these older machines didn't have really good processing in them and AES was a bit too intensive so they came up with WPA/TKIP. Lighter encryption but the old devices could pull it. WPA/AES came out around the same time and was stronger but the encryption had a bigger processing overhead.

    Then WPA2 (802.11i) came about with further layers and was what really should have been from the start. Backwards compatibility was a problem here and key to adoption. TKIP stayed as some machines didn't take AES very well. WPA2+AES was the real place most will tell you to be. The whole multiple things was just getting protection out there on a technology that was rapidly falling apart.

    Here is an analogy. US went to war with nearly unprotected Humvees (WEP). They worked well and they did their job. But attackers just blew right through it. So in an effort to get things locked down they welded plates of metal on the Humvee (WPA) some machines could handle more (AES) some less (TKIP). The military went back and developed a new technology similar to the quick field fix and came up with the Armored Humvee (WPA2) with good protection all around and made it standard (802.11i). Still defeatable but it can take a lot more.

    There. I'm sure it would have been easier to find a Wikipedia article and link to that but I was bored.

  • by jhfry ( 829244 ) on Thursday October 29, 2009 @05:28PM (#29916789)

    When I set up a wifi router for someone I always simply generate a random string of letters, numbers and special characters, then I write it down and stick it to the router.

    I figure that you can't get more secure and it's not exactly something they need to remember because they type it every day.

  • by mrcaseyj ( 902945 ) on Thursday October 29, 2009 @05:28PM (#29916791)

    Example: The Lord of the Rings is the Greatest Series Ever Written

    TLotRitGSER This is actually a decent-security password, you've got decent length, 11 characters, and some upper/lower goodness.

    I'd suggest just using the whole sentence. It would have at least as much entropy and would be more resistant to simple brute force breakage.

    And I'm considering giving up on upper case in passwords. The lower case alphabet requires about 5 bits to encode, while adding uppercase only requires one more bit. I suspect that just making the password 25% longer would be about as easy to remember, and a lot faster to type.
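
The arithmetic behind the comment above, as an added example that is not part of the thread: it scores the acronym and the full sentence under a uniform-random-character model and computes how much longer a lowercase-only password must be to match a mixed-case one. The function names and the per-class alphabet model are assumptions of this example; the figure is an upper bound, since English sentences are far from random characters.

```python
import math
import string

# Character classes for a uniform-random model (an assumption of this example).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "space": " ",
    "other": string.punctuation,
}

def alphabet_size(passphrase):
    """Combined size of every character class the passphrase draws from."""
    used = {name for ch in passphrase
            for name, chars in CLASSES.items() if ch in chars}
    return sum(len(CLASSES[name]) for name in used)

def search_space_bits(passphrase):
    """Upper bound in bits: length * log2(alphabet size).
    Real sentences carry much less, because words are predictable."""
    return len(passphrase) * math.log2(alphabet_size(passphrase))

def valid_wpa_passphrase(passphrase):
    """WPA/WPA2-PSK passphrases are 8 to 63 printable ASCII characters."""
    return (8 <= len(passphrase) <= 63
            and all(32 <= ord(c) <= 126 for c in passphrase))

def lowercase_length_for(mixed_case_length):
    """Shortest lowercase-only length whose search space is at least that
    of a mixed-case (52-letter) password of the given length."""
    target_bits = mixed_case_length * math.log2(52)
    return math.ceil(target_bits / math.log2(26))

# The two candidates quoted in the comment.
ACRONYM = "TLotRitGSER"
SENTENCE = "The Lord of the Rings is the Greatest Series Ever Written"

if __name__ == "__main__":
    for p in (ACRONYM, SENTENCE, SENTENCE.lower()):
        print(f"{len(p):2d} chars, alphabet {alphabet_size(p):2d}, "
              f"<= {search_space_bits(p):6.1f} bits, "
              f"WPA-valid={valid_wpa_passphrase(p)}: {p!r}")
    n = len(ACRONYM)
    m = lowercase_length_for(n)
    print(f"{n} mixed-case chars ~ {m} lowercase chars "
          f"(+{100 * (m - n) / n:.0f}%)")
```
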

  • by bdo19 ( 992170 ) on Thursday October 29, 2009 @11:33PM (#29920317)

    The people who are most likely to try to break into your internet are people you know and especially people you live and/or work with.

    This may be true, but these are NOT the people a WPA password is supposed to protect you from. If they have access to your drawer, and they intend to do you harm, your WPA password is the least of your worries. And, if they already have physical access, then they don't need your WPA password to "break into your internet" anyway.

    If we were talking about an online banking password that someone could steal from your drawer and use to empty your account, then I might agree with you (although the same idea applies, that there are probably much more dangerous things in that drawer already). But wireless network encryption is only capable of protecting against someone who doesn't already have physical access anyway. So how is it not a good choice to make that a secure password that's written down and filed away?

    Yes, people lose perspective in computer security.
