One-minute practical attack on WPA/TKIP disclosed

Aug 27, 2009 10:10 GMT

Two Japanese researchers have devised a new practical attack against the WPA/TKIP encryption system still used in many Wi-Fi environments. The method is based on a mainly theoretical attack presented last year, but it was extended to all WPA implementations and can succeed in about one minute.

The Wi-Fi Protected Access (WPA) certification employs the Temporal Key Integrity Protocol (TKIP) to secure wireless LAN communications. It was designed as a temporary replacement for the now deprecated and highly insecure Wired Equivalent Privacy (WEP) protocol that could still run on older hardware.

Both WPA/TKIP and WEP encrypt traffic with the RC4 stream cipher, which has been considered vulnerable since as far back as 2001. TKIP is nevertheless much more secure than WEP because it derives a unique key for each data packet, making brute-force attacks impractical in terms of both resources and time.

At last year's PacSec security conference in Tokyo, security researchers Erik Tews and Martin Beck presented a theoretical attack against WPA/TKIP that could be used to obtain the master TKIP key in 12 to 15 minutes. "Erik and Martin have just opened the box on a whole new hacker playground," Dragos Ruiu, the PacSec organizer, commented at the time.

It seems that Mr. Ruiu was right: security researchers Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University have taken the technique a step further and put the attack into practice. They plan to demonstrate it at an upcoming conference in September.

Meanwhile, the researchers have published a paper (PDF) entitled "A Practical Message Falsification Attack on WPA," in which they explain that "In order to ease targets of limitation of wireless LAN products, we apply the Beck-Tews attack to the man-in-the-middle attack" and that due to new proposed methods "the execution time of our attack becomes about one minute in the best case."

WPA2, which uses the AES-based CCMP instead of RC4/TKIP, is not vulnerable to this new attack and, according to security experts, is likely to remain secure for a long time to come. However, while most guidelines already recommend WPA2 for securing wireless networks, WPA/TKIP is still used in many environments.

Switching from WPA to WPA2 usually requires replacing older equipment, which can prove costly for large enterprise environments, far more so than for home networks. All Wi-Fi certified products produced since 2006 should support WPA2, but if yours doesn't, it would be a good idea to start planning an upgrade immediately.
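Finding out which networks still negotiate TKIP is the first step of that upgrade plan. The following audit helper is an added example, not code from the article or the researchers: it parses the RSN (WPA2) and vendor WPA information elements an access point advertises in its beacons and reports every cipher slot where TKIP is still allowed. The beacon bytes are constructed for the example; suite-type numbers follow IEEE 802.11.

```python
# Added example (not from the article): decode the RSN and WPA information
# elements from a beacon body and flag TKIP usage. Suite types: 1 = WEP-40,
# 2 = TKIP, 4 = CCMP, 5 = WEP-104. The sample beacon bytes are constructed.
import struct

RSN_OUI = b"\x00\x0f\xac"   # suite OUI used inside the RSN element (ID 48)
WPA_OUI = b"\x00\x50\xf2"   # suite OUI used inside the vendor WPA element (ID 221)
SUITE_NAMES = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}


def _parse_suites(body, oui):
    """Decode version, group cipher and pairwise cipher list (shared layout)."""
    def name(suite):
        return SUITE_NAMES.get(suite[3], "unknown") if suite[:3] == oui else "vendor"
    version, = struct.unpack_from("<H", body, 0)
    group = body[2:6]
    count, = struct.unpack_from("<H", body, 6)
    pairwise = [body[8 + 4 * i: 12 + 4 * i] for i in range(count)]
    return {"version": version, "group": name(group), "pairwise": [name(s) for s in pairwise]}


def parse_ies(ies):
    """Walk the TLV-encoded information elements of a beacon or probe response."""
    found, off = {}, 0
    while off + 2 <= len(ies):
        eid, length = ies[off], ies[off + 1]
        body = ies[off + 2: off + 2 + length]
        off += 2 + length
        if eid == 48:                                        # RSN element (WPA2)
            found["RSN"] = _parse_suites(body, RSN_OUI)
        elif eid == 221 and body[:4] == WPA_OUI + b"\x01":   # vendor element, WPA type 1
            found["WPA"] = _parse_suites(body[4:], WPA_OUI)
    return found


def tkip_exposure(ies):
    """Return the 'element:role' slots where TKIP is still permitted."""
    hits = []
    for element, info in parse_ies(ies).items():
        if info["group"] == "TKIP":
            hits.append(f"{element}:group")
        if "TKIP" in info["pairwise"]:
            hits.append(f"{element}:pairwise")
    return hits


# Constructed sample: a mixed-mode AP whose RSN element offers CCMP for unicast
# but keeps TKIP as the group cipher, plus a legacy WPA element that is all TKIP.
MIXED_MODE_IES = bytes([
    0x30, 0x14, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x02,       # RSN: version 1, group TKIP
    0x01, 0x00, 0x00, 0x0f, 0xac, 0x04,                   # one pairwise suite: CCMP
    0x01, 0x00, 0x00, 0x0f, 0xac, 0x02, 0x00, 0x00,       # one AKM suite (PSK), RSN caps
    0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00,       # WPA vendor element, version 1
    0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02,   # group TKIP, 1 pairwise TKIP
    0x01, 0x00, 0x00, 0x50, 0xf2, 0x02,                   # one AKM suite (PSK)
])
```

Running `tkip_exposure(MIXED_MODE_IES)` on the constructed beacon flags the RSN group cipher and both WPA ciphers, which is exactly the configuration that keeps a network exposed to the attack described above even though WPA2 clients can connect.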