Full Disclosure mailing list archives
Re: [Dailydave] Once thought safe, WPA Wi-Fi encryption is cracked
From: "George Ou" <george_ou () lanarchitect net>
Date: Fri, 7 Nov 2008 15:01:44 -0800
First of all, this was not a crack against WPA; it was a weakening of TKIP. WPA != TKIP. WPA is an industry certification standard which mandates TKIP encryption capability but leaves AES encryption optional. However, most WPA devices do support AES. WPA2 mandates both TKIP and AES capability.

What this means is that people should add TKIP to the list of obsolete encryption algorithms like WEP. The researchers seem to have significantly weakened TKIP encryption, so this is different from the previous stories last month, which were about a brute force dictionary attack on the Pre-Shared Key. TKIP was always known to be a stopgap measure in the encryption community and this research simply proved that prediction right. WEP was deliberately weak so that wireless access points could be exportable in the late 90s when we had rules against exporting products with strong encryption, and TKIP was merely a Band-Aid for WEP.

My worry is that people have the knee-jerk reaction that all encryption, including 3DES or AES, is equally unworthy when in reality these encryption standards are designed to hold up for many decades.

George Ou

-----Original Message-----
From: dailydave-bounces () lists immunitysec com [mailto:dailydave-bounces () lists immunitysec com] On Behalf Of Dragos Ruiu
Sent: Friday, November 07, 2008 11:33 AM
To: Thierry Zoller
Cc: Full-Disclosure mailing list; dailydave () lists immunitysec com
Subject: Re: [Dailydave] [Full-disclosure] Once thought safe, WPA Wi-Fi encryption is cracked

On 7-Nov-08, at 9:37 AM, Thierry Zoller wrote:
WPA is not cracked, a way was found to brute TKIP.
Not quite exactly... The actual impact is unclear due to the complicated exploitation mode. And there are suggestions that it can be expanded upon...

The attack lets AP -> Client communications be decrypted, and a hostile attacker can inject traffic. Client -> AP communications are not threatened yet, AFAIK. What can be done with this capability is still to be evaluated.

The complicated part comes in the fact that part of this attack is cryptographic weakness, and part of it is a protocol weakness. It will take some more study before it is fully understood and the full scope of impact is known IMHO.

cheers,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan November 12/13 2008 http://pacsec.jp
Vancouver, Canada March 16-20 2009 http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
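As an added illustration of the WPA/WPA2 versus TKIP/AES distinction drawn in this message (not part of the original e-mail and not written by any of its authors), the sketch below reads the WPA and RSN (WPA2) security elements from a beacon's tagged parameters and reports whether TKIP is still offered. The function names and the two sample byte strings are constructed for this example.

```python
import struct

# Cipher suite type byte -> name; the numbering is shared by the RSN (WPA2)
# element (OUI 00-0F-AC) and the vendor-specific WPA element (OUI 00-50-F2).
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP (AES)", 5: "WEP-104"}
RSN_OUI, WPA_OUI = b"\x00\x0f\xac", b"\x00\x50\xf2"

def _suites(body, oui):
    """Return (group cipher, [pairwise ciphers]) from version/group/pairwise fields."""
    if len(body) < 8:
        raise ValueError("truncated security element")
    count, = struct.unpack_from("<H", body, 6)      # pairwise suite count
    if len(body) < 8 + 4 * count:
        raise ValueError("pairwise list runs past element end")
    def name(s):
        return CIPHERS.get(s[3], "unknown") if s[:3] == oui else "vendor-specific"
    pairwise = [name(body[8 + 4 * i:12 + 4 * i]) for i in range(count)]
    return name(body[2:6]), pairwise

def audit_elements(ies):
    """Walk the tagged parameters of a beacon; list ciphers per security element."""
    findings, pos = [], 0
    while pos + 2 <= len(ies):
        eid, length = ies[pos], ies[pos + 1]
        body = ies[pos + 2:pos + 2 + length]
        if len(body) < length:
            raise ValueError("element runs past end of frame")
        pos += 2 + length
        if eid == 48:                                # RSN element (WPA2)
            findings.append(("WPA2/RSN",) + _suites(body, RSN_OUI))
        elif eid == 221 and body[:4] == WPA_OUI + b"\x01":   # WPA element
            findings.append(("WPA",) + _suites(body[4:], WPA_OUI))
    return findings

def uses_tkip(findings):
    """True if any element offers TKIP as group or pairwise cipher."""
    return any(g == "TKIP" or "TKIP" in pw for _, g, pw in findings)

def ie(eid, hexbody):
    """Build one element (ID, length, body) from a hex string."""
    body = bytes.fromhex(hexbody)
    return bytes([eid, len(body)]) + body

# Constructed samples (not captured traffic): SSID "lab", then security elements.
SSID = ie(0, "6c6162")
MIXED = (SSID + ie(221, "0050f201 0100 0050f202 0100 0050f202 0100 0050f202")
         + ie(48, "0100 000fac02 0200 000fac04 000fac02 0100 000fac02 0000"))
AES_ONLY = SSID + ie(48, "0100 000fac04 0100 000fac04 0100 000fac02 0000")

if __name__ == "__main__":
    for label, frame in (("mixed", MIXED), ("aes-only", AES_ONLY)):
        f = audit_elements(frame)
        print(label, f, "TKIP offered" if uses_tkip(f) else "no TKIP")
```

The mixed-mode sample shows why the certification name alone does not settle the question: a WPA2 network that lists TKIP as its group cipher or as a pairwise option still relies on TKIP.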