Sunday, June 13, 2021

WPA Security Proves Faulty

It’s been known for years that the Wired Equivalent Privacy or
WEP
protocol is easily broken, and that to
be secure, wireless networks should use the more powerful protocol called Wi-Fi Protected
Access, or WPA.

Now security experts say they’ve proven that WPA can be breached just as easily. A
pair of researchers in Japan said that they developed a way to break WPA encryption in
about one minute — and will show how at a conference there next month.

WPA’s viability has been in doubt since late 2008, when security researchers Martin
Beck and Erik Tews demonstrated the ability
to break the Temporal Key Integrity Protocol (TKIP) that provides WPA security within 15
minutes.

Now, Researchers Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe
University said they’ve improved on that. The pair has already discussed their findings
in a paper presented
at the Joint Workshop on Information Security held in Taiwan earlier this month and will
discuss it again at a
Sept. 25 event in Hiroshima.

Both the Beck-Tews and Ohigashi-Morii attacks work on only the TKIP algorithm. They do
not work on newer WPA2 devices or on WPA systems that use the much stronger Advanced
Encryption Standard (AES) algorithm, which is a triple key encryption method.

John Girard, vice president and distinguished analyst in Gartner’s Info Security and
Privacy Research Center, said the industry shouldn’t be using WPA with TKIP anyway.

“WPA was never intended to be a long-term solution. It was an interim method to give
people some relief while waiting for WPA2. The advice is migrate to WPA2 Enterprise now,”
he told InternetNews.com in an e-mail.

Wi-Fi-certified products like routers have had to support WPA2 since March 2006.
Security settings for home wireless routers can be changed to WPA2 and/or AES encryption
simply by connecting to the router through a Web browser and modifying the security
settings in the administrative console.

Article courtesy of InternetNews.com.

Similar articles

Latest Articles

Top Data Visualization Tools...

The amount of data generated and consumed by organizations is growing at an astounding rate. The total volume of data and information worldwide has...

The Data Capture Market

Data capture is the process of collecting, ingesting, or otherwise acquiring structured and unstructured data and either converting it into a data format usable...

NVIDIA and the Move...

NVIDIA recently held a Q&A with its visionary CEO Jensen Huang.   While the Q&A this week focused on NVIDIA’s announcements at Computex, his opening and...

Acquia Updates Open Digital...

BOSTON – Acquia’s Drupal-based customer experience (CX) platform is looking different to enterprise users. Acquia made updates last quarter across its three-part Open Digital Experience...