ALERT: WPA-TKIP isn't secure - use WPA2 instead

#1 (**permalink**) 11-07-2009, 04:14 PM

SUMMARY:

WPA-PSK is vulnerable to offline attack.
WPA-TKIP has been cracked.

TO AVOID THESE PROBLEMS:

1. USE WPA-AES or WPA2 instead of WPA-TKIP (or WEP)

2. USE A PASSPHRASE WITH MORE THAN 20 CHARACTERS. Examples:
BAD: "vintage wine"
GOOD: "floor hiking dirt ocean"
(pick your own words, even longer is better)
FOR HIGH SECURITY, USE MORE THAN 32 CHARACTERS.

BACKGROUND:

Weakness in Passphrase Choice in WPA Interface
<http://wifinetnews.com/archives/002452.html>

Practical attacks against WEP and WPA
<http://dl.aircrack-ng.org/breakingwepandwpa.pdf>

A Practical Message Falsication Attack on WPA
<http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%2 0on%20WPA.pdf>

New attack cracks common Wi-Fi encryption in a minute
<http://www.networkworld.com/news/2009/082709-new-attack-cracks-common-wi-fi.html>

Passphrase Flaw Exposed in WPA Wireless Security
<http://www.technewsworld.com/story/32070.html>

Cracking Wi-Fi Protected Access (WPA)
<http://www.ciscopress.com/articles/article.asp?p=369221>
<http://www.ciscopress.com/articles/article.asp?p=370636&rl=1>

Cracking WEP and WPA Wireless Networks
<http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks>