Dailydave mailing list archives

Re: WPA attack improved to 1min, MITM

From: Dragos Ruiu <dr () kyx net>
Date: Wed, 26 Aug 2009 09:12:24 -0700


On 26-Aug-09, at 8:29 AM, Mike Patterson wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dragos Ruiu wrote on 8/25/09 10:11 PM:

The Beck/Tews WiFi WPA attack presented at PacSec has been improved
(down to 1 min, MITM) by 2 .jp researchers (Ohigashi, Morii)
http://bit.ly/clCpm Remember: avoid WPA/TKIP and force AES only
encryption in WPA2 - don't let your access point automatically fall  
back
automatically to the insecure TKIP/WPA mode, to be safe. (At least  
until
any WPA2 attacks are published ;-P)


At the risk of sounding like a troll, this paper looks suspiciously  
like
one of those stuffy old useless academic style papers that Dave warned
us about a month or so ago.  I don't see any links to conference
proceedings in the sidebar on the page, but that's about all that's
missing.  There's even a (useful!) abstract published.  How academy  
is that?

Could it be that perhaps the anti-academics with chips on shoulders
about ivory towers aren't entirely correct?  Or is this a spasm of the
dieing[sic] brontosaurus?



Should have put in this link to the full paper from the conf proceedings
page as someone already correctly pointed out: http://bit.ly/8qwQt

The research team is scheduled to present an implementation of the
attack at a conference on Sept. 25.  (http://www.ieice.org/ken/paper/20090925faPH/eng/ 
).
(via YM Chen)

The attack seems to have wider applicability than the original Beck/Tews
variant it is based on as it uses chopchop during MITM without relying
on 802.11e QoS extensions like Beck/Tews does, but does require
interfering with AP and MITM which are additional complexity to
execution. (Hat tip: Cedric Blancher)

cheers,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan November 4/5 2009  http://pacsec.jp
Vancouver, Canada March 22-26  http://cansecwest.com
Amsterdam, Netherlands June  http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp




_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

WPA attack improved to 1min, MITM Dragos Ruiu (Aug 26)
- Re: WPA attack improved to 1min, MITM Mike Patterson (Aug 26)
  - Re: WPA attack improved to 1min, MITM Dragos Ruiu (Aug 26)
    - Re: WPA attack improved to 1min, MITM Joshua Wright (Aug 26)
    - Re: WPA attack improved to 1min, MITM Cedric Blancher (Aug 27)
    - Re: WPA attack improved to 1min, MITM Mike Kershaw (Aug 27)
    - Re: WPA attack improved to 1min, MITM Cedric Blancher (Aug 27)
    - Message not available
    - Re: WPA attack improved to 1min, MITM Mike Kershaw (Aug 30)
    - Re: WPA attack improved to 1min via MITM Dragos Ruiu (Aug 30)