[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] WPA attack improved to 1min, MITM
- To: Full-Disclosure mailing list <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: [Full-disclosure] WPA attack improved to 1min, MITM
- From: Dragos Ruiu <dr@xxxxxxx>
- Date: Tue, 25 Aug 2009 19:13:25 -0700
The Beck/Tews WiFi WPA attack presented at PacSec has been improved
(down to 1 min, MITM) by 2 .jp researchers (Ohigashi, Morii) http://bit.ly/clCpm
Remember: avoid WPA/TKIP and force AES only encryption in WPA2 -
don't let your access point automatically fall back automatically to
the insecure TKIP/WPA mode, to be safe. (At least until any WPA2
attacks are published ;-P)
cheers,
--dr
P.S. CanSecWest registration is now up, and a new Japanese PacSec
registration is live. June has been picked as the time for EUSecWest
in Amsterdam.
(hat tip: T Harada)
url: http://jwis2009.nsysu.edu.tw/index.php/jwis/jwis2009/paper/view/80
A Practical Message Falsification Attack on WPA
Toshihiro Ohigashi, Masakatu Morii
Last modified: 2009-07-20
Abstract
In 2008, Beck and Tews have proposed a practical attack on WPA. Their
attack (called the Beck-Tews attack) can recover plaintext from an
encrypted short packet, and can falsify it. The execution time of the
Beck-Tews attack is about 12-15 minutes. However, the attack has the
limitation, namely, the targets are only WPA implementations those
support IEEE802.11e QoS features. In this paper, we propose a
practical message falsification attack on any WPA implementation. In
order to ease targets of limitation of wireless LAN products, we apply
the Beck-Tews attack to the man-in-the-middle attack. In the man-in-
the-middle attack, the user's communication is intercepted by an
attacker until the attack ends. It means that the users may detect our
attack when the execution time of the attack is large. Therefore, we
give methods for reducing the execution time of the attack. As a
result, the execution time of our attack becomes about one minute in
the best case.
--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan November 4/5 2009 http://pacsec.jp
Vancouver, Canada March 22-26 http://cansecwest.com
Amsterdam, Netherlands June http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/