WPA TKIP Cracked --- Use WPA2 AES

  • xor
    not
    • Aug 2007
    • 1347

    #1

    WPA TKIP Cracked --- Use WPA2 AES

    I'm surprised Render or Thorn didn't beat me to the punch.

    http://www.heise-online.co.uk/securi...--/news/111922

    xor

    For those that don't have routers that support WPA2....well it's that time of year; ho ho ho.
    Last edited by xor; November 11, 2008, 13:52. Reason: because I'm a schmuck
    Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.
  • afterburn188
    CVORGian
    • May 2008
    • 150

    #2
    Re: WPA TKIP Cracked --- Use WPA2 AES

    I've been slightly confused at this. When I had first read the white paper I thought they were saying that they had only partially broken TKIP and at a rate which made it not very practical. Although I do see the application of this in the creation of a covert clear text channel, the figures made it seem like the data rate would be obnoxiously slow. It also seemed like only small packets are affected. Could someone with better knowledge comment on this?

    Originally posted by xor
    For those that don't have routers that support WPA2....well it's that time of year; ho ho ho.
    For those on a small budget, switching to AES (if supported) or modifying TKIP values seems like a stopgap, and key phrase here, for now...
    afterburn


    • xor
      not
      • Aug 2007
      • 1347

      #3
      Re: WPA TKIP Cracked --- Use WPA2 AES

      No expert, but my understanding is that it can allow an attacker packet injection in about 15 minutes. Which will lead to other possible and more damaging attacks.

      Yes, I believe you are correct; partially broken.

      xor
      Last edited by xor; November 11, 2008, 18:17.
      Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.


      • xor
        not
        • Aug 2007
        • 1347

        #4
        Re: WPA TKIP Cracked --- Use WPA2 AES

        Hope this also helps you afterburn188

        http://arstechnica.com/articles/paedia/wpa-cracked.ars/

        It's titled Battered not Broken Understanding the WPA Crack.

        xor
        Last edited by xor; November 11, 2008, 18:48. Reason: because I'm a schmuck
        Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.


        • afterburn188
          CVORGian
          • May 2008
          • 150

          #5
          Re: WPA TKIP Cracked --- Use WPA2 AES

          Originally posted by xor
          Hope this also helps you afterburn188

          http://arstechnica.com/articles/paedia/wpa-cracked.ars/

          It's titled Battered not Broken Understanding the WPA Crack.

          xor
          Thanks xor! I had this completely backwards in my head not realizing that this was a data injection method as opposed to data extraction. Goes to show how easily things like this can be misunderstood and misreported.
          afterburn


          • xor
            not
            • Aug 2007
            • 1347

            #6
            Re: WPA TKIP Cracked --- Use WPA2 AES

            The article I was reading stated that ARP poisoning would be a trivial matter with this hack. Maybe even DNS packet injection.

            xor

            Aircrack is already rolling it into their software. If you are a fan and haven't stopped by their site in a while you should.
            Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.


            • Greyhatter
              Banned
              • May 2007
              • 408

              #7
              Re: WPA TKIP Cracked --- Use WPA2 AES

              Originally posted by xor
              I'm surprised Render or Thorn didn't beat me to the punch.
              Free wifi for some and trouble for the rest of us? Good reason to use other encryption on top or hard wiring to be sure. Open airwave signals are taunty things for ciphers.

              Could be Render and Thorn were waiting for more data as it is still spotty and the FUD is flowing.

              Here's what I have.
              Last edited by Greyhatter; November 12, 2008, 06:37.


              • datalust
                Member
                • Nov 2008
                • 2

                #8
                Re: WPA TKIP Cracked --- Use WPA2 AES

                Just recapping for my own memory: With the announced vulnerability from Tews, sufficiently small TKIP encrypted packets traveling from AP to client can be decrypted, modified, and re-encrypted then sent to the client.

                Sound partly correct? Strong keys still safe?


                • Thorn
                  Easy Bake Oven Iron Chef
                  • Sep 2002
                  • 1819

                  #9
                  Re: WPA TKIP Cracked --- Use WPA2 AES

                  Originally posted by datalust
                  Just recapping for my own memory: With the announced vulnerability from Tews, sufficiently small TKIP encrypted packets traveling from AP to client can be decrypted, modified, and re-encrypted then sent to the client.

                  Sound partly correct?
                  That's what it looks like so far.


                  Originally posted by datalust
                  Strong keys still safe?
                  That's unclear to me at this point. In any event, use WPA2 with AES, and you'll be OK
                  Thorn
                  "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird
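
The advice in the thread so far is to move off TKIP to WPA2 with AES (CCMP). As an added example, not part of any post in this thread, the following sketch parses the RSN information element an access point advertises in its beacons and reports whether TKIP is still offered as a group or pairwise cipher. The sample elements are constructed for illustration, and the function names and the labels "no-tkip", "mixed" and "tkip-only" are assumptions of this example.

```python
import struct

RSN_OUI = bytes.fromhex("000fac")   # IEEE 802.11 cipher-suite OUI
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}

def _suite(raw):
    """Name a 4-byte suite selector (3-byte OUI + 1-byte suite type)."""
    if raw[:3] != RSN_OUI:
        return "vendor-" + raw.hex()
    return CIPHERS.get(raw[3], "unknown-%d" % raw[3])

def parse_rsn(ie):
    """Parse an RSN element (ID 48) and return (group, [pairwise, ...])."""
    if len(ie) < 2 or ie[0] != 48:
        raise ValueError("not an RSN element")
    body = ie[2:2 + ie[1]]
    if len(body) != ie[1]:
        raise ValueError("element shorter than its length field")
    if len(body) < 8:
        # Elements that omit the optional cipher fields are rejected here.
        raise ValueError("RSN element too short for cipher fields")
    (version,) = struct.unpack_from("<H", body, 0)
    if version != 1:
        raise ValueError("unsupported RSN version %d" % version)
    group = _suite(body[2:6])
    (count,) = struct.unpack_from("<H", body, 6)
    end = 8 + 4 * count
    if end > len(body):
        raise ValueError("pairwise list overruns element")
    return group, [_suite(body[i:i + 4]) for i in range(8, end, 4)]

def tkip_exposure(ie):
    """Return 'no-tkip', 'mixed' (TKIP still offered) or 'tkip-only'."""
    group, pairwise = parse_rsn(ie)
    suites = [group] + pairwise
    if "TKIP" not in suites:
        return "no-tkip"
    return "mixed" if "CCMP" in suites else "tkip-only"

# Constructed sample elements (not captured from any real network).
SAMPLES = {
    "wpa2-aes": bytes.fromhex("30140100000fac040100000fac040100000fac020000"),
    "mixed": bytes.fromhex("30180100000fac020200000fac04000fac020100000fac020000"),
    "tkip-only": bytes.fromhex("30140100000fac020100000fac020100000fac020000"),
}

if __name__ == "__main__":
    for name, ie in SAMPLES.items():
        print(name, parse_rsn(ie), tkip_exposure(ie))
```

A "mixed" result means the network accepts CCMP clients but still uses TKIP for at least some traffic, so it has not fully followed the "WPA2 with AES" advice.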


                  • renderman
                    Notorious Canadian Hacker
                    • Mar 2003
                    • 1428

                    #10
                    Re: WPA TKIP Cracked --- Use WPA2 AES

                    Not much to add.

                    I knew that Michael countermeasure / WMM thing was going to be trouble.

                    It's a step in the direction of larger attacks but I think we're still a bit off from the level of brokenness that WEP has achieved.
                    Never drink anything larger than your head!

                    • Ænder
                      Magisoft Crafter
                      • Nov 2008
                      • 45

                      #11
                      Re: WPA TKIP Cracked --- Use WPA2 AES

                      Of course, even switching to WPA2 AES, how long will it be until this, too, is cracked? With the rate of encryption and security measures being compromised, I can't imagine it will be long.
                      Now known as Lord Nikon.


                      • renderman
                        Notorious Canadian Hacker
                        • Mar 2003
                        • 1428

                        #12
                        Re: WPA TKIP Cracked --- Use WPA2 AES

                        Originally posted by Ænder
                        Of course, even switching to WPA2 AES, how long will it be until this, too, is cracked? With the rate of encryption and security measures being compromised, I can't imagine it will be long.
                        AES will probably last longer than WEP (with the already broken RC4) did. To their credit, the standards bodies do good work, it's usually concessions made to vendors being whiny that things end up getting FUBAR'd.

                        I would suggest watching my panel from Shmoocon 2007 where we put the screws to the IETF chairman about such things as the Michael countermeasures.

                        http://www.shmoocon.org/2007/videos/...%20Housley.mp4
                        Never drink anything larger than your head!

                        • Ænder
                          Magisoft Crafter
                          • Nov 2008
                          • 45

                          #13
                          Re: WPA TKIP Cracked --- Use WPA2 AES

                          Originally posted by renderman
                          AES will probably last longer than WEP (with the already broken RC4) did. To their credit, the standards bodies do good work, it's usually concessions made to vendors being whiny that things end up getting FUBAR'd.

                          I would suggest watching my panel from Shmoocon 2007 where we put the screws to the IETF chairman about such things as the Michael countermeasures.

                          http://www.shmoocon.org/2007/videos/...%20Housley.mp4
                          Will do. And whiny vendors = fail. If only moral logic overrode the almighty $.
                          Now known as Lord Nikon.


                          • xor
                            not
                            • Aug 2007
                            • 1347

                            #14
                            Re: WPA TKIP Cracked --- Use WPA2 AES

                            Originally posted by renderman
                            AES will probably last longer than WEP (with the already broken RC4) did. To their credit, the standards bodies do good work, it's usually concessions made to vendors being whiny that things end up getting FUBAR'd.
                            You mean like this......
                            USB-stick-with-hardware-AES-encryption-has-been-cracked

                            xor
                            Last edited by xor; November 13, 2008, 18:12. Reason: because I'm a schmuck
                            Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.


                            • Ænder
                              Magisoft Crafter
                              • Nov 2008
                              • 45

                              #15
                              Re: WPA TKIP Cracked --- Use WPA2 AES

                              Originally posted by xor
                              Damn it! Well, there goes that idea. Can we do any better than AES?
                              Now known as Lord Nikon.
