Wednesday, April 05, 2006

WPA isn't safe anymore: How to crack Wi-Fi Protected Access

It is a well-known fact that WEP encryption isn't worth much when it comes to protecting your wireless network. The protocol has some design flaws that make its encryption scheme easy to hack. Up to a few months ago, WPA was a secure alternative to WEP. It did a very good job of correcting WEP's weaknesses, but unfortunately, WPA has problems of its own. A flaw was recently discovered in the way WPA initializes its encryption scheme, allowing villains to crack it easily if a weak password is assigned as the WPA shared key. If you are using WPA to secure your WLAN, start thinking about switching your encryption scheme to WPA2. If your access point doesn't support the protocol, a simple firmware update will often add the missing feature.

I stumbled on a nice video showing someone who used airodump, aireplay, a dictionary file and aircrack to gain access to a WPA-protected WLAN in about 10 minutes. The music is annoying, but the video is worth watching.

Check it out.
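To check your own shared key against the weak-password problem described above, here is an added example (not part of the original post or the video) that derives the WPA-PSK master key the standard way and flags passphrases a dictionary file would cover. The wordlist, the SSID "HomeNet" and the 20-character threshold are assumptions made for illustration.

```python
import hashlib
import string

# Constructed sample wordlist; a real audit would load a large dictionary file.
SAMPLE_WORDLIST = {"isabelle", "password", "letmein", "welcome", "dragon"}

# Assumed policy threshold for this example, not a value from the standard.
MIN_RECOMMENDED_LEN = 20


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA-PSK master key: PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def base_word(passphrase: str) -> str:
    """Undo the cheap mutations dictionary tools try: case and trailing digits/symbols."""
    return passphrase.lower().rstrip(string.digits + string.punctuation)


def audit_passphrase(passphrase: str, wordlist=SAMPLE_WORDLIST) -> list:
    """Return a list of findings; an empty list means no weakness was detected."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("invalid: WPA passphrases are 8 to 63 characters")
    if base_word(passphrase) in wordlist:
        findings.append("dictionary word, possibly with case or suffix changes")
    if len(passphrase) < MIN_RECOMMENDED_LEN:
        findings.append("short: under %d characters" % MIN_RECOMMENDED_LEN)
    return findings


if __name__ == "__main__":
    # The SSID is the only salt, so the key depends on nothing an eavesdropper
    # cannot see except the passphrase itself.
    print("PMK:", derive_pmk("Isabelle", "HomeNet").hex())
    for candidate in ("Isabelle", "Isabelle2006!", "q7#Vt2mLx9@Rw4pZc8&Nf3sK"):
        print(repr(candidate), "->", audit_passphrase(candidate) or "no findings")
```

Because the only secret input to the key is the passphrase, a key that passes this check with no findings is what keeps a dictionary file from being useful.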


  • I still don't quite understand why security focus isn't on speeding up the addition of MAC address filters to wireless routers rather than inventing encryption which will ultimately be cracked.

    Perhaps I am missing something?

    By Anonymous Ed, at 8:43 AM  

  • MAC address filtering already exists, and it's not worth much. It's VERY easy to sniff a MAC address over the air, and even easier to spoof. They would have to find another way to do it.

    If you have 1600 laptops with WLAN NICs, how will you handle the management of all of those MAC addresses?

    By Blogger Kiltak, at 9:41 AM  

  • Isn't this just a demonstration of a bad key choice? Any passphrase of 'Isabelle' could be cracked by brute force within minutes at the most, regardless of protocol. The idea is picking a key that is never likely to be sent by someone who doesn't know it (or isn't already in every brute force dictionary).

    By Anonymous dmtblur_, at 8:55 PM  

