Re: [Full-disclosure] [Dailydave] Once thought safe, WPA Wi-Fi encryption is cracked
- To: George Ou <george_ou@xxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] [Dailydave] Once thought safe, WPA Wi-Fi encryption is cracked
- From: Dragos Ruiu <dr@xxxxxxx>
- Date: Fri, 7 Nov 2008 19:11:51 -0800
On 7-Nov-08, at 3:01 PM, George Ou wrote:
> First of all, this was not a crack against WPA; it was a weakening of
> TKIP. WPA != TKIP. WPA is an industry certification standard which
> mandates TKIP encryption capability but leaves AES encryption
> optional. However, most WPA devices do support AES. WPA2 mandates
> both TKIP and AES capability. What this means is that people should
> add TKIP to the list of obsolete encryption algorithms like WEP.
>
> The researchers seem to have significantly weakened TKIP encryption,
> so this is different from the previous stories last month which were
> about a brute force dictionary attack on the Pre-Shared Key. TKIP was
> always known to be a stopgap measure in the encryption community and
> this research simply proved that prediction right. WEP was
> deliberately weak so that wireless access points could be exportable
> in the late 90s when we had rules against exporting products with
> strong encryption, and TKIP was merely a Band-Aid for WEP. My worry
> is that people have the knee-jerk reaction that all encryption,
> including 3DES or AES, is equally unworthy when in reality these
> encryption standards are designed to hold up for many decades.

I'm afraid I have to disagree. Until you remove the default behaviour
of most WPA/WPA2 implementations to downgrade automatically to TKIP
from CCMP(AES) when asked to... a "weakening" of TKIP is a "weakening"
of WPA/WPA2.

cheers,
--dr
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan November 12/13 2008 http://pacsec.jp
Vancouver, Canada March 16-20 2009 http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/