Re: All Ur WiFi(WPA) R Belong 2 PacSec

[Dave Aitel <dave () immunityinc com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This article has a good summary of the technique, for those not going
to Japan. While good work, it's not going to worry me if I have a WPA
network set up at home or as part of my business. At least, not yet
(and maybe not ever - we'll see :> ).

The other mitigating factors according to the article are:
 o It works like chopchop on small packets only
 o Busy networks might make it impractical
 o You can only send packets from the AP to the endpoints

http://arstechnica.com/articles/paedia/wpa-cracked.ars

- -dave




Dragos Ruiu wrote:
> Just as a heads up, one of the author(s) of the first practical
> crypto attack against WPA secured wireless networks, besides
> launching a dictionary attack when a weak pre-shared keys(PSK) are
> used, Erik Tews, will be speaking at PacSec in Tokyo, on Thursday
> next week. More specifically, his attack uses a combination of
> protocol weaknesses and cryptographic weaknesses to compromise TKIP
> encryption. The attack lets the attacker inject seven packets into
> the network, per decrypt window. It's an interesting attack,
> because it also hints at other attack forms, so it is rather open
> ended research.
>
> You should discontinue use of TKIP is my recommendation.
>
> The problem with this is that most AP implementations that I have
> seen will automatically drop back to TKIP from CCMP(AES) to support
> older clients. You should disable this if you are given the option
> on your AP or WiFi router configuration. Unfortunately how to do
> this varies on each router's configuration systems, and some
> routers do not provide facilities to do this.
>
> If you aren't given the option to disable this, you might want to
> think about getting a different Access Point or WiFi Router. :-)
>
> You should seriously consider using some higher level encryption
> facilities such as a VPN, IPsec, or SSH to secure your
> communications over wireless. Look at ssh -D <port> (or equivalent
> putty options) to a wired host and the socks proxy options on your
> browser to use that port on localhost, when surfing over wireless.
>
> On some equipment CCMP is called WPA2 and TKIP is WPA. The WPA spec
> leaves support of CCMP(AES) optional while the WPA2 spec mandates
> both TKIP and AES capability.
>
> Important WPA/WPA2 Recommendations:
>
> -Use only CCMP(AES). -Disable Negotiations to TKIP from CCMP(AES).
> -If you must use TKIP, rekey every 120 seconds.
>
> Quote: To prevent this attack, we suggest using a very short
> rekeying time, for example 120 seconds or less. ... The best
> solution would be disabling TKIP and using a CCMP only network.
>
> Oh, P.S. AFAIK some of the code to do this attack is out :).
>
> If you want to find out more, you have to come to PacSec. :-) The
> details are fairly intricate but the bottom line is above. Consider
> yourselves duly warned.
>
> cheers, --dr

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJFF5ZtehAhL0gheoRAreXAJ0XEpxnbWIAkCb2uYMNEdVMeB2KHwCeM6Fk
qva3gj7/uznxX9pmHha3sEY=
=fvvr
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave