WPA Hacked?

Discussion in 'Wireless Networking' started by Jack Simmons, Nov 12, 2008.

  1. Jack Simmons

    Jack Simmons Guest

    I read that WPA wireless encryption has been hacked and should not be used.
    True?
    Jack Simmons, Nov 12, 2008
    #1
    1. Advertising

  2. Jack Simmons

    Big_Al Guest

    Jack Simmons wrote:
    > I read that WPA wireless encryption has been hacked and should not be used.
    > True?
    >
    >

    This was pulled from a previous posting.

    > From the weakest to the strongest, Wireless security capacity is.

    No Security
    MAC______(Band Aid if nothing else is available).
    WEP64____(Easy, to "Break" by knowledgeable people).
    WEP128___(A little Harder, but "Hackable" too).
    WPA-PSK__(Very Hard to Break).
    WPA-AES__(Not functionally Breakable)
    WPA2____ (Not functionally Breakable).
    Note 1: WPA-AES the the current entry level rendition of WPA2.
    Note 2: If you use WinXP and did not updated it you would have to
    download the WPA2 patch from Microsoft.
    http://support.microsoft.com/kb/893357

    The Core differences between WEP, WPA, and WPA2 -
    http://www.ezlan.net/wpa_wep.html
    Big_Al, Nov 12, 2008
    #2
    1. Advertising

  3. Jack Simmons

    Mark Martin Guest

    The only part of WPA that is "hacked" is the use of weak passwords and
    access being broken via brute force attacks. This "vulnerability" exists
    anytime you use a weak password with any encryption method.


    On 11/12/08 8:46 AM, in article ,
    "Big_Al" <> wrote:

    > Jack Simmons wrote:
    >> I read that WPA wireless encryption has been hacked and should not be used.
    >> True?
    >>
    >>

    > This was pulled from a previous posting.
    >
    >> From the weakest to the strongest, Wireless security capacity is.

    > No Security
    > MAC______(Band Aid if nothing else is available).
    > WEP64____(Easy, to "Break" by knowledgeable people).
    > WEP128___(A little Harder, but "Hackable" too).
    > WPA-PSK__(Very Hard to Break).
    > WPA-AES__(Not functionally Breakable)
    > WPA2____ (Not functionally Breakable).
    > Note 1: WPA-AES the the current entry level rendition of WPA2.
    > Note 2: If you use WinXP and did not updated it you would have to
    > download the WPA2 patch from Microsoft.
    > http://support.microsoft.com/kb/893357
    >
    > The Core differences between WEP, WPA, and WPA2 -
    > http://www.ezlan.net/wpa_wep.html
    Mark Martin, Nov 12, 2008
    #3
  4. "Mark Martin" <> wrote in message
    news:C54061F3.BB9E%...
    > The only part of WPA that is "hacked" is the use of weak passwords and
    > access being broken via brute force attacks. This "vulnerability" exists
    > anytime you use a weak password with any encryption method.


    So it technically isn't really even "hacked",...it is simply just
    discovering a password due to weak passwords which can happen with virtually
    anything.

    --
    Phillip Windell
    www.wandtv.com

    The views expressed, are my own and not those of my employer, or Microsoft,
    or anyone else associated with me, including my cats.
    -----------------------------------------------------
    Phillip Windell, Nov 12, 2008
    #4
  5. Jack Simmons

    Lem Guest

    Jack Simmons wrote:
    > I read that WPA wireless encryption has been hacked and should not be used.
    > True?
    >
    >


    Yes and no.

    There are basically 3 encryption standards available to home wifi users,
    WEP, WPA, and WPA2. By 2001, WEP encryption could be defeated in about
    1 or 2 hours using a regular consumer laptop. More recently, that time
    dropped to about 50 seconds. If you are at all concerned about
    security, don't use WEP.

    WPA is considerably stronger than WEP, and until recently, the main
    attack was to repeatedly guess passwords. Using a strong password is the
    main defense to this sort of attack.

    A few days ago, a paper was published describing a method of attacking
    WPA. The authors claim to be able to break WPA with about 12-15 minutes
    of access to a WPA-protected network. There are, however, two "flavors"
    of WPA.

    In order to permit WEP-capable systems to be firmware or driver
    upgradable to WPA, one type of WPA uses a technique called TKIP, which
    is a modification of the technique used in WEP. WPA-TKIP is the type of
    WPA that is the subject of the paper.

    The attack described will not work on the other type of WPA, which is
    called WPA-AES. AES is a much stronger encryption algorithm than the
    one used with WPA-TKIP. AES is also used in WPA2.

    The attack is not complete decryption of all transmissions, but is still
    worrying.

    Thus, if your hardware permits, use WPA2-PSK or WPA-PSK (AES). If your
    hardware only permits WPA-PSK (TKIP), then the authors of the paper
    suggest lowering the rekeying interval from the usual default of 3600
    seconds to 120 seconds or less.

    For further info, see
    http://arstechnica.com/articles/paedia/wpa-cracked.ars/2
    --
    Lem -- MS-MVP

    To the moon and back with 2K words of RAM and 36K words of ROM.
    http://en.wikipedia.org/wiki/Apollo_Guidance_Computer
    http://history.nasa.gov/afj/compessay.htm
    Lem, Nov 12, 2008
    #5
  6. Jack Simmons

    Lem Guest

    Lem, Nov 12, 2008
    #6
  7. Jack Simmons

    John Guest

    John, Nov 12, 2008
    #7
  8. Jack Simmons

    Jack Guest

    Hi
    If you read the technical condition under which it was "Hacked", you would
    see that it is Not very practical to employ.
    I do not thing that End-Users need to worry.
    Jack (MS, MVP-Networking)

    "Jack Simmons" <> wrote in message
    news:...
    >I read that WPA wireless encryption has been hacked and should not be used.
    >True?
    >
    Jack, Nov 14, 2008
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. R.H.
    Replies:
    0
    Views:
    5,155
  2. hax3
    Replies:
    10
    Views:
    4,800
  3. Dave Cox

    WPA-PSK & WPA

    Dave Cox, Feb 12, 2006, in forum: Wireless Networking
    Replies:
    4
    Views:
    707
    Dave Cox
    Feb 15, 2006
  4. Mike Webb

    WPA PSK vs WPA Personal (D-Link products)

    Mike Webb, Feb 12, 2008, in forum: Wireless Networking
    Replies:
    6
    Views:
    14,298
    Mike Webb
    Feb 13, 2008
  5. b_rizza
    Replies:
    0
    Views:
    4,555
    b_rizza
    May 21, 2010
Loading...

Share This Page