lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <000001c9412c$cf3037e0$6d90a7a0$@net>
Date: Fri, 7 Nov 2008 15:01:44 -0800
From: "George Ou" <george_ou@...architect.net>
To: "'Dragos Ruiu'" <dr@....net>,
	"'Thierry Zoller'" <Thierry@...ler.lu>
Cc: 'Full-Disclosure mailing list' <full-disclosure@...ts.grok.org.uk>,
	dailydave@...ts.immunitysec.com
Subject: Re: [Dailydave]  Once thought safe,
	WPA Wi-Fi encryption is cracked

First of all, this was not a crack against WPA; it was a weakening of TKIP.
WPA != TKIP.  WPA is an industry certification standard which mandates TKIP
encryption capability but leaves AES encryption optional.  However, most WPA
devices do support AES.  WPA2 mandates both TKIP and AES capability.  What
this means is that people should add TKIP to the list of obsolete encryption
algorithms like WEP.

The researches seem to have significantly weakened TKIP encryption, so this
is different from the previous stories last month which was about a brute
force dictionary attack on the Pre-Shared Key.  TKIP was always known to be
a stopgap measure in the encryption community and this research simply
proved that prediction right.  WEP was deliberately weak so that wireless
access points could be exportable in the late 90s when we had rules against
exporting products with strong encryption, and TKIP was merely a Band-Aid
for WEP.  My worry is that people have the knee jerk reaction that all
encryption, including 3DES or AES, is equally unworthy when in reality these
encryption standards are designed to hold up for many decades.


George Ou 
-----Original Message-----
From: dailydave-bounces@...ts.immunitysec.com
[mailto:dailydave-bounces@...ts.immunitysec.com] On Behalf Of Dragos Ruiu
Sent: Friday, November 07, 2008 11:33 AM
To: Thierry Zoller
Cc: Full-Disclosure mailing list; dailydave@...ts.immunitysec.com
Subject: Re: [Dailydave] [Full-disclosure] Once thought safe, WPA Wi-Fi
encryption is cracked


On 7-Nov-08, at 9:37 AM, Thierry Zoller wrote:

> WPA is not cracked, a way was found to brute TKIP.

Not quite exactly... The actual impact is unclear due to the  
complicated exploitation mode.
And there are suggestions that it can be expanded upon...

The attack lets AP -> Client communications be decrypted, and a  
hostile attacker can inject traffic.
Client -> AP communications are not threatened yet, AFAIK.

What can be done with this capability is still to be evaluated. The  
complicated part comes in the
fact that part of this attack is cryptographic weakness, and part of  
it is a protocol weakness.

It will take some more study before it is fully understood and the  
full scope of impact is known IMHO.

cheers,
--dr


--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan  November 12/13 2008  http://pacsec.jp
Vancouver, Canada  March 16-20 2009  http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp

_______________________________________________
Dailydave mailing list
Dailydave@...ts.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ