Archive for August, 2009

WPA crawls into the grave with WEP

  • Date: 25 August 2009
  • Author: Trevor
  • Category: wireless
  • Comments: 2

So I was reading the AirMagnet Cisco OTAP vulnerability, which is bad.  This is a vulnerability that deserves its own blog post.  I was then directed/distracted to an article that suggests that WPA is completely broken. *gasp* another wireless “privacy” standard bites the dust.  There are some practical attacks against WPA including dictionary (offline) attacks as well as the Beck-Tews attack that can recover the WPA key in 12-15 minutes with some limitations (WLAN must support 802.11e).  This new attack by the Japanese researchers Ohigashi and Morii claims that WPA can be broken in 4 minutes.  If this attack is legit and more than just theory, it would be yet another failed wireless encryption standard.

After some Googling I found the researcher’s paper describing the attack.  I have mirrored the paper here.  As far as I can tell, this latest WPA exploit has not (yet) been made into an exploit.  I will update this post as I get more information on this new attack.

Update: Dragos Ruiu mentioned the new WPA attack on Daily Dave.