Well it looks like we're down on only one encryption for wireless that is still uncrackable. According to this paper, it possible under certain specific circumstances to crack WPA encryption using TKIP as the encryption method. WPA with AES is still secure (as far as we know). The attack is of the man in the middle variety and takes about a minute to do. WPA-TKIP is only vulnerable if your configuration supports QoS, but to be safe I recommend that if you can, switch to AES right away. If you can't, and you have to use TKIP well at least its more secure than WEP (takes under 30 seconds to crack). Its likely that most home routers don't use the QoS features so you are probably safe, but as with this kind of thing, once a vulnerability is found more quickly follow that probably aren't as difficult. Best to be safe.. most all routers and wireless devices support WPA-AES these days. (or WPA2 its sometimes called).
Update: OK I was wrong. There was an old attack that used QoS, this one does not depend on it being in place. TKIP has apparently been completely cracked within a minute. My advice to all of my readers (HI MOM) upgrade to AES if you can!
I'm Back!
16 years ago
No comments:
Post a Comment