Once thought to be the safer Wi-Fi security option than WEP, the Wi-Fi Protected Access (WPA) encryption standard has been cracked by a security researcher Erik Tews, who will be presenting and discussing the results at next week’s PacSec conference in Tokyo. His test was to crack the security protocol to read what was being sent from a router to a laptop, and this attack could also be used to send bogus information to the computer.
To crack it, he and his co-researcher Martin Beck found a method to break to break the TKIP (Temporal Key Integrity Protocol) key in 12 to 15 minutes, according to Dragos Ruiu, the organiser of PacSec, talking to PC World. However, there is some good news – they haven’t been able to crack the actual encryption keys that secure the data being transferred between the router and PC.
While researchers previously believed that the TKIP could be cracked by using a method called the “dictionary attack” – using dictionary words to find the key; Tews and Beck’s attack is reported to not be using this method – but by using another method that sends a large amount of data to make cracking the key easier.
So here’s a hint – maybe upgrade to WPA2, which is said to be safe from this new attack.