New WPA TKIP attack


[Martin Beck] and [Erik Tews] have just released a paper covering an improved attack against WEP and a brand new attack against WPA(PDF). For the WEP half, they offer a nice overview of attacks up to this point and the optimizations they made to reduce the number of packets needed to approximately 25K. The only serious threat to WPA so far has been the coWPAtty dictionary attack. This new attack lets you decrypt the last 12 bytes of a WPA packet’s plaintext and then generate arbitrary packets to send to the client. While it doesn’t recover the WPA key, the attacker is still able to send packets directly to the machine they’re attacking and could potentially read back the response via an outbound connection to the internet.

[photo: niallkennedy]

[via SANS]


  1. design says:
  2. ulises says:

    bullshit :P i need more information

  3. KG says:

    There is a so called enhancement to this attack recently presented in PacSec Japan. A good overview of original vulnerability and this enhancement can be found at

  4. Joel Ha says:

    I read your blog once in a while and I must mention that I like your template!

  5. This is one of the best blogs I’ve ever read. I m absolutely thrilled to get to read such a good blog. The amount of information that I gained is really great. This is an absolute masterpiece. I m really impressed. I would love to read more of your blogs. Please keep posting…….. Keep up the good work………..

  6. Ben Lockerz says:

    Howdy. Very first I would like to say that I really like your website, just determined it last week but I’ve been reading it since then.

    I seem to be to concur with most of your respective views and opinions and this post is no exception.

    Thank you for the fantastic webpage and I hope you keep up the good function. If you do I will carry on to read it.

    Have a great day.

  7. Compatibility

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

Join 96,401 other followers