Feeds

WPA keys gone in 60 seconds

Time to move to WPA 2

Secure remote control for conventional and virtual desktops

Networking nerds claim to have devised a way of breaking Wi-Fi Protected Access (WPA) encryption within 60 seconds.

The technique, developed by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University, is based on the established Becks-Tews method, which involves making minor changes to packets encrypted with TKIP - Temporal Key Integrity Protocol, a WPA security mechamism - and then sending those packets back to the access point.

However, the Becks-Tews method is known to take anywhere between ten and 15 minutes to execute.

In a recently released paper, Ohigashi and Morii proposed a man-in-the-middle style of attack – also used by the Beck-Tews approach – in which a user’s communication is intercepted by an attacker.

This approach carries a high risk of detection, the pair admitted, so being able to shorten the attack time down to under one minute is a major advantage – to potential hackers, at least.

Ohigashi’s and Morii’s technique doesn’t work in WPA 2 – the AES-based successor to WPA.

The pair will formally unveil their technique at a conference in Hiroshima, Japan late next month. ®

Internet Security Threat Report 2014

More from The Register

next story
YOU are the threat: True confessions of real-life sysadmins
Who will save the systems from the men and women who save the systems from you?
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Broadband sellers in the UK are UP TO no good, says Which?
Speedy network claims only apply to 10% of customers
Virgin Media struck dumb by NATIONWIDE packet loss balls-up
Turning it off and on again fixes glitch 12 HOURS LATER
Ofcom snatches 700MHz off digital telly, hands it to mobile data providers
Hungry mobe'n'slab-waving Blighty swallows spectrum
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.