Dailydave mailing list archives
WPA attack improved to 1min, MITM
From: Dragos Ruiu <dr () kyx net>
Date: Tue, 25 Aug 2009 19:11:08 -0700
The Beck/Tews WiFi WPA attack presented at PacSec has been improved (down to 1 min, MITM) by 2 .jp researchers (Ohigashi, Morii) http://bit.ly/clCpm Remember: avoid WPA/TKIP and force AES only encryption in WPA2 - don't let your access point automatically fall back automatically to the insecure TKIP/WPA mode, to be safe. (At least until any WPA2 attacks are published ;-P)
cheers, --drP.S. CanSecWest registration is now up, and a new Japanese PacSec registration is live. June has been picked as the time for EUSecWest in Amsterdam.
(hat tip: T Harada) url: http://jwis2009.nsysu.edu.tw/index.php/jwis/jwis2009/paper/view/80 A Practical Message Falsification Attack on WPA Toshihiro Ohigashi, Masakatu Morii Last modified: 2009-07-20 AbstractIn 2008, Beck and Tews have proposed a practical attack on WPA. Their attack (called the Beck-Tews attack) can recover plaintext from an encrypted short packet, and can falsify it. The execution time of the Beck-Tews attack is about 12-15 minutes. However, the attack has the limitation, namely, the targets are only WPA implementations those support IEEE802.11e QoS features. In this paper, we propose a practical message falsification attack on any WPA implementation. In order to ease targets of limitation of wireless LAN products, we apply the Beck-Tews attack to the man-in-the-middle attack. In the man-in- the-middle attack, the user's communication is intercepted by an attacker until the attack ends. It means that the users may detect our attack when the execution time of the attack is large. Therefore, we give methods for reducing the execution time of the attack. As a result, the execution time of our attack becomes about one minute in the best case.
-- World Security Pros. Cutting Edge Training, Tools, and Techniques Tokyo, Japan November 4/5 2009 http://pacsec.jp Vancouver, Canada March 22-26 http://cansecwest.com Amsterdam, Netherlands June http://eusecwest.com pgpkey http://dragos.com/ kyxpgp
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- WPA attack improved to 1min, MITM Dragos Ruiu (Aug 26)
- Re: WPA attack improved to 1min, MITM Mike Patterson (Aug 26)
- Re: WPA attack improved to 1min, MITM Dragos Ruiu (Aug 26)
- Re: WPA attack improved to 1min, MITM Joshua Wright (Aug 26)
- Re: WPA attack improved to 1min, MITM Cedric Blancher (Aug 27)
- Re: WPA attack improved to 1min, MITM Mike Kershaw (Aug 27)
- Re: WPA attack improved to 1min, MITM Cedric Blancher (Aug 27)
- Message not available
- Re: WPA attack improved to 1min, MITM Mike Kershaw (Aug 30)
- Re: WPA attack improved to 1min, MITM Dragos Ruiu (Aug 26)
- Re: WPA attack improved to 1min via MITM Dragos Ruiu (Aug 30)
- Re: WPA attack improved to 1min, MITM Mike Patterson (Aug 26)