Practical attacks against WEP and WPA - Research paper

German researchers have published a paper that claims to give details of how to crack the Wi-Fi Protected Access encryption standard. A proof-of-concept tool to crack Wi-Fi Protected Access (WPA) has also been published by the researchers, Martin Beck of the Technical University of Dresden, and Erik Tews of the Technical University of Darmstadt.The research […]

German researchers have published a paper that claims to give details of how to crack the Wi-Fi Protected Access encryption standard. A proof-of-concept tool to crack Wi-Fi Protected Access (WPA) has also been published by the researchers, Martin Beck of the Technical University of Dresden, and Erik Tews of the Technical University of Darmstadt.

The research paper, Practical attacks against WEP and WPA, was published on Saturday. It gives details of how the researchers used a modified Wired Equivalent Privacy (WEP) attack against WPA. WPA can use two protocols to protect payload — Temporal Key Integrity Protocol (TKIP) and AES-CCMP. Tews and Beck concentrated on compromising TKIP, and claim to have done so by modifying a 'chopchop' attack against WEP.

A chopchop attack works by taking one byte of data from a WEP encrypted packet, substituting values for that byte, and recalculating the encryption checksum. The modified packets are then sent to an access point, which simply discards them until a valid checksum is eventually substituted by the attacker.

Download: Practical attacks against WEP and WPA (pdf)

Source:→ Zdnet News