New WPA TKIP Attack

wifibox

[Martin Beck] and [Erik Tews] have just released a paper covering an improved attack against WEP and a brand new attack against WPA(PDF). For the WEP half, they offer a nice overview of attacks up to this point and the optimizations they made to reduce the number of packets needed to approximately 25K. The only serious threat to WPA so far has been the coWPAtty dictionary attack. This new attack lets you decrypt the last 12 bytes of a WPA packet’s plaintext and then generate arbitrary packets to send to the client. While it doesn’t recover the WPA key, the attacker is still able to send packets directly to the machine they’re attacking and could potentially read back the response via an outbound connection to the internet.

[photo: niallkennedy]

[via SANS]

7 thoughts on “New WPA TKIP Attack

  1. This is one of the best blogs I�ve ever read. I m absolutely thrilled to get to read such a good blog. The amount of information that I gained is really great. This is an absolute masterpiece. I m really impressed. I would love to read more of your blogs. Please keep posting��.. Keep up the good work���..

  2. Howdy. Very first I would like to say that I really like your website, just determined it last week but I’ve been reading it since then.

    I seem to be to concur with most of your respective views and opinions and this post is no exception.

    Thank you for the fantastic webpage and I hope you keep up the good function. If you do I will carry on to read it.

    Have a great day.

Leave a Reply to Joel HaCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.