Researchers Crack WPA Wi-Fi Encryption

Many IT security pros use the Wi-Fi Protected Access (WPA) encryption standard to protect data on wireless networks because it’s considered tough to hack. But have researchers found a way to hack WPA?

In an article on the ComputerWorld website, Robert McMillan says the researchers will discuss the attack this week at the PacSec conference in Tokyo. Researcher Erik Tews will show how he could crack WPA encryption and read data being sent from a router to a laptop.

“To do this, Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes,” McMillan says. “They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack.”

McMillan says security experts do know that TKIP could be cracked using what's known as a dictionary attack, which is using massive computational resources to crack the encryption by making an extremely large number of educated guesses as to what key is being used to secure the wireless data.

But the work of Tews and Beck does not involve a dictionary attack. Instead, they trick the router into sending them large amounts of data to crack the key.