WPA security - gone in 60 seconds
27th August 2009.
As we reported last year, people have been trying to brute force WPA keys for some time. Now two Japanese computer scientists have developed a more elegant approach for breaking WPA encryption in "about a minute". Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University will be revealing details of their attack at a conference in Japan on September 25th.
This attack builds on previous theoretical work and makes it much more practical according to Drafgos Ruiu, organiser of the PacSec security conference.
What does all of this mean for the man on the street? Well, WPA security can be used for securing signals between computers and wireless routers. This attack only works on WPA Temporal Key Integrity Protocol (TKIP), so if you're really paranoid that someone with the very latest methods is trying to read your wireless traffic, then we suggest you change to WPA2 or switch to AES encryption, both of which are still just fine. If your router has been bought after March 2006 it will support WPA2 and AES. Phew!