Researchers with the British Computer Society (BCS) claim to have cracked the Wi-Fi Protected Access (WPA) wireless security standard and will reveal their findings at the PacSec conference to be held in Tokyo next week.
Researchers Erik Tews and Martin Beck say they broke the Temporal Key Integrity Protocol (TKIP) that provides WPA (define) security, in just under 15 minutes, the BCS quoted PacSec organizer Dragos Ruiu as saying.
WPA is widely used for wireless security in everything from home networks to retail stores to enterprises. It is used in place of the Wired Equivalent Privacy (WEP) protocol, which is considered ineffectual and easily cracked within minutes.
In that attack, they used the Aircrack-ptw WEP key cracking tool. This breaks 104-bit WEP security in less than 60 seconds, according to the Security Hacks Web site.
The news is not all bad — TKIP is the weaker of two keys that is part of WPA and WPA2 (define), and the stronger AES (Advanced Encryption Standard) key method that can be used with WPA/WPA2 is not vulnerable. You can read about the AES (define) standard in this PDF.
Security experts contacted by InternetNews.com declined to comment until Tews and Beck make their presentation.
This article was first published on InternetNews.com.