Friday, May 17, 2024

Chinks Appear in WPA’s Wireless Security Armor

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Researchers with the British Computer Society (BCS) claim to have cracked the Wi-Fi Protected Access (WPA) wireless security standard and will reveal their findings at the PacSec conference to be held in Tokyo next week.

Researchers Erik Tews and Martin Beck say they broke the Temporal Key Integrity Protocol (TKIP) that provides WPA (define) security, in just under 15 minutes, the BCS quoted PacSec organizer Dragos Ruiu as saying.

WPA is widely used for wireless security in everything from home networks to retail stores to enterprises. It is used in place of the Wired Equivalent Privacy (WEP) protocol, which is considered ineffectual and easily cracked within minutes.

Tews would know. He is one of three students at Darmstadt University of Technology that developed a way to crack the WEP protocol in less than two minutes, according to The Register.

In that attack, they used the Aircrack-ptw WEP key cracking tool. This breaks 104-bit WEP security in less than 60 seconds, according to the Security Hacks Web site.

The news is not all bad — TKIP is the weaker of two keys that is part of WPA and WPA2 (define), and the stronger AES (Advanced Encryption Standard) key method that can be used with WPA/WPA2 is not vulnerable. You can read about the AES (define) standard in this PDF.

Security experts contacted by declined to comment until Tews and Beck make their presentation.

This article was first published on

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles