Message-Id: <C23CA240-EBD5-45CF-AFC1-B1F4FA665802@kyx.net>
Date: Fri, 7 Nov 2008 19:11:51 -0800
From: Dragos Ruiu <dr@....net>
To: George Ou <george_ou@...architect.net>
Cc: 'Full-Disclosure mailing list' <full-disclosure@...ts.grok.org.uk>,
	'Thierry Zoller' <Thierry@...ler.lu>, dailydave@...ts.immunitysec.com
Subject: Re: [Dailydave]  Once thought safe,
	WPA Wi-Fi encryption is cracked


On 7-Nov-08, at 3:01 PM, George Ou wrote:

> First of all, this was not a crack against WPA; it was a weakening of
> TKIP. WPA != TKIP.  WPA is an industry certification standard which
> mandates TKIP encryption capability but leaves AES encryption optional.
> However, most WPA devices do support AES.  WPA2 mandates both TKIP and
> AES capability.  What this means is that people should add TKIP to the
> list of obsolete encryption algorithms like WEP.
>
> The researchers seem to have significantly weakened TKIP encryption, so
> this is different from the previous stories last month which were about
> a brute force dictionary attack on the Pre-Shared Key.  TKIP was always
> known to be a stopgap measure in the encryption community and this
> research simply proved that prediction right.  WEP was deliberately weak
> so that wireless access points could be exportable in the late 90s when
> we had rules against exporting products with strong encryption, and TKIP
> was merely a Band-Aid for WEP.  My worry is that people have the
> knee-jerk reaction that all encryption, including 3DES or AES, is
> equally unworthy when in reality these encryption standards are designed
> to hold up for many decades.


I'm afraid I have to disagree. Until you remove the default behaviour of
most WPA/WPA2 implementations to downgrade automatically to TKIP from
CCMP(AES) when asked to... a "weakening" of TKIP is a "weakening" of
WPA/WPA2.

cheers,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan  November 12/13 2008  http://pacsec.jp
Vancouver, Canada  March 16-20 2009  http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
