Tuesday, November 11, 2008

WPA crack details finally out

These few days, people have been talking about WPA cracking and the detail of the crack is finally available for download.

The WPA crack was recently announced by 2 German researchers. They were planned to present their finding at the PacSec 2008 conference (12/13 Nov) in Tokyo. But the details on this crack was released today at Aircrack website in a whitepaper.

Wired Equivalent Privacy (WEP), the basic protection mechanism for wireless, was long being cracked. With the more advanced technique these days, it could be easily cracked with less than a minute.

Wi-Fi Protected Access (WPA), which replace WEP, is a more secure method to protect wireless network. Previous attack on WPA was basically launching dictionary attack against weak Pre-Shared Key used. This new crack on WPA will works against the WPA protected network that uses Temporal Key Integrity Protocol(TKIP). The attack is able to decrypt an ARP request or response and send 7 packets with custom content to the network after access for more than 12 minutes.

To summarised, the recommendation against the attack is to use WPA2, which uses CCMP instead of TKIP. If for any reason you are not able to migrate your network to WPA2, There are some other mitigation recommended such as reducing the renew key interval and increase your wireless detection stance and check for multiple MIC failure messages. (Reminder, please test it before making the change on your production environment)

You can download the Whitepaper "Practical attacks against WEP and WPA" from Aircrack or alternatively from local copy.

Related Articles:
- Security Focus: "Researchers find more flaws in wireless security"

No comments: