ALERT: WPA-TKIP isn't secure - use WPA2 instead

#1 (**permalink**) 07-14-2012, 02:18 PM

SUMMARY:

WPA-PSK is vulnerable to offline attack.
WPA-TKIP has been cracked.

TO AVOID THESE PROBLEMS:

1. USE WPA-AES or WPA2 instead of WPA-TKIP (or WEP)

2. USE A PASSPHRASE WITH MORE THAN 20 CHARACTERS. Examples:
BAD: "vintage wine"
GOOD: "floor hiking dirt ocean"
(pick your own words, even longer is better)
FOR HIGH SECURITY, USE MORE THAN 32 CHARACTERS.

BACKGROUND:

Weakness in Passphrase Choice in WPA Interface
<http://wifinetnews.com/archives/002452.html>

Practical attacks against WEP and WPA
<http://dl.aircrack-ng.org/breakingwepandwpa.pdf>

A Practical Message Falsication Attack on WPA
<http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%2 0on%20WPA.pdf>

New attack cracks common Wi-Fi encryption in a minute
<http://www.networkworld.com/news/2009/082709-new-attack-cracks-common-wi-fi.html>

Passphrase Flaw Exposed in WPA Wireless Security
<http://www.technewsworld.com/story/32070.html>

Cracking Wi-Fi Protected Access (WPA)
<http://www.ciscopress.com/articles/article.asp?p=369221>
<http://www.ciscopress.com/articles/article.asp?p=370636&rl=1>

Cracking WEP and WPA Wireless Networks
<http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks>

#2 (**permalink**) 07-15-2012, 02:31 PM

PSK or EAP?

> TO AVOID THESE PROBLEMS:
>
> 1. USE WPA-AES or WPA2 instead of WPA-TKIP (or WEP)

--
@~@ Remain silent. Nothing from soldiers and magicians is real!
/ v \ Simplicity is Beauty!
/( _ )\ May the Force and farces be with you!
^ ^ (x86_64 Ubuntu 9.10) Linux 2.6.39.3
不借貸! 不詐騙! 不援交! 不打交! 不打劫! 不自殺! 請考慮綜援 (CSSA):
http://www.swd.gov.hk/tc/index/site_...sub_addressesa