Press "Enter" to skip to content

Japanese Researchers crack WPA (Wi-Fi Protected Access)

wpa2_radius_auth_sm

The second generation of Wi-Fi security systems has now been broken as badly as its notoriously insecure predecessor: Japanese researchers say they can crack WPA (Wi-Fi Protected Access), the successor to the old-school WEP, inside of a minute’s time spent eavesdropping on a wireless network.

Details on the mechanics of the attack are set to be announced next month at a computer conference, but it’s tentatively described as taking to “a new level” the previous method by which WPA had been roughly compromised, adapting previously theoretical holes in the WPA system and turning them into practical attack techniques.

The previous method of attacking WPA devices took up to 15 minutes to be successful, and didn’t always work. The new method is said to work on far more devices and, obviously, much more quickly. However, as with the old attack, the new one only works on WPA devices that use the TKIP (Temporal Key Integrity Protocol) algorithm, which is a setting in your router and device setup.

WPA devices that use the newer AES (Advanced Encryption Standard) algorithm, plus devices that use WPA2 — the third generation of wireless security standards — are still safe for now.

However, this does mean that it won’t be long before this attack technique trickles out into software that malicious hackers can use to invade WPA networks. With access to your wireless network, a hacker can potentially eavesdrop on any traffic sent, access shared folders on computers attached to the network, and of course send and receive data (like illegal file sharing or even child pornography) which could then be blamed on you.

To protect yourself, upgrade the security settings on your devices to WPA2 if they all support the standard. Alternately, you can upgrade any WPA device from TKIP security to AES. Check in your router administration console and on your computer for and where how to do this.  [Via Vojin]

http://tech.yahoo.com/blogs/null/147906

One Comment

  1. Brad Brad

    With new technology there will sometimes be flaws, fortunately it’s the good guys that discovered this one. I am no IT security specialist, but as far as the current technology goes, here are some very simple tips you can use to protect yourself at home and away.

    1. Once you yank your new wireless router out of the box and connect it, change the administrator password, which allows you to set up the preferences of your router. The default administrator password is generally a very simple password displayed on the underside of your wireless router. Simple passwords like these can easily be defeated with a “dictionary attack.” (Note: you may want to keep it different from the password your computer (s) will use to log on to the network). It is a good ideal to use a wired connection (Ethernet RJ-45 cable) as you set up your wireless router, because it is difficult to change wireless settings from a machine that utilizes a wireless connection.

    2. Set your wireless router encryption to WPA, WPA-PSK or 128-Bit WEP. Many routers have set up pages with brief explanations of each setting. Having trouble creating a password? Some routers actually have a built in password generators which can be used to create a “strong password.” A strong password should contain between 7 to 14 characters and should contain alphanumeric characters or symbols (@&$%@”).

    3. Change the name of your routers SSID (service set identifier). Simply stated the SSID is the name of your router. If hackers can’t see your router it makes their job that much more difficult. Factory defaults of various routers can be easily identified, for example “2WIRE,” “linksys,” etc.

    4. One advanced step that goes above and beyond is “MAC address filtering.” This step will only allow specific machines to access your network. The MAC (Media Access Control) address is a unique identifier for each device connected to a network that may look like this (00:0a:95:d1:52:30).

    5. Once everything is all set and you have the ability to log on to your WiFi network, then you should disable the SSID broadcast, which in theory will make the name of your WiFi router disappear during a scan of available networks.

    6. When using a public WiFi hotspot it is a good ideal to turn off file sharing because if a private folder has been set to allow others “read access,” your personal files can be compromised. In addition, think twice if you plan to do banking and shopping online because public hot spots are not as secure as your home network.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.