1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WPA-TKIP is cracked

Discussion in 'Tomato Firmware' started by Kiwi8, Nov 13, 2008.

  1. Kiwi8

    Kiwi8 LI Guru Member

    http://www.itworld.com/security/57285/once-thought-safe-wpa-wi-fi-encryption-cracked

     
  2. fyellin

    fyellin LI Guru Member

    There's a fairly good description of the attack at http://arstechnica.com/articles/paedia/wpa-cracked.ars/1. It's serious but it's not that bad.

    The summary is:
     
  3. TVTV

    TVTV LI Guru Member

    So security freaks should now use WPA2 or WPA-AES encryption for their WiFi networks, eh?
     
  4. hogrod

    hogrod Network Guru Member

    I wouldn't say security freaks, I would say anyone who wants a secure wireless network.

    Though people probably do attack business networks, I would bet more home users wireless security is attacked by people in their neighborhood looking for free/alternative internet service for downloading music & movies Illegally.

    Definitely a good thing keeping your wireless locked down and as secure as possible, Though I wouldn't consider myself a security freak.
     
  5. jersully

    jersully LI Guru Member

    Using good security is so easy, everyone should do it. Other than older devices that can't use WPA/AES, there's no good reason not to.
     
  6. fyellin

    fyellin LI Guru Member

    I'd say it all depends on how paranoid you are.

    The break means that hackers can inject small packets that are slight variants of already existing small packets into your network. Your password isn't cracked, and neighbors can't use your network for their downloading.

    How much damage can the injection of small packets cause? Who knows.
     
  7. HennieM

    HennieM Network Guru Member

    I'd say the claim is either a bit wide, or perhaps misrepresented on itworld: They cracked WPA/TKIP (partly), they did not crack WPA/AES. AES encryption has long been an optional encryption algorithm for WPA, so to crack WPA, you should have cracked both TKIP and AES.

    A bit academic, but I know there will be people out there propagating "Don't use WPA, it's been cracked", while they should propagate "Don't use TKIP (even with WPA2), use AES".

    Anyway, the bottom line is never to use TKIP when you can use AES - it's faster AND more secure.
     
  8. bigclaw

    bigclaw Network Guru Member

    I'm not worried. I still have 3 WEP neighbors.
     

Share This Page