Reports: WPA Wi-Fi encryption cracked

Graham Cluley
Graham Cluley
@[email protected]

Wi-fi hazard

Researchers are claiming that they have found a way to partially crack the encryption used on WPA wireless communications.

According to a media reports, Erik Tews and Martin Beck claim that they have found a way to unlock the Temporal Key Integrity Protocol (TKIP) key, used by WPA, to read data sent from a wireless router to laptop computers. According to the researchers, the key can be cracked in 12-15 minutes.

Many companies and home users currently use the WPA (Wi-Fi Protected Access) encryption protocol to prevent criminals from sniffing confidential information out of the air which could be used for the purposes of identity theft.

Sign up to our free newsletter.
Security news, advice, and tips.

It has long been known that WEP, an earlier encryption standard, was easily breached and many individuals and firms who use wireless have been encouraged to make the switch to a more secure system such as WPA or WPA2.

Indeed, just last month I reported on how the Payment Card Industry (PCI) Security Standards Council was telling retailers that they must use better encryption like WPA or WPA2 to protect credit card and other identity information following a spate of embarrassing data breaches.

Fortunately, so far the researchers say they have not been able to find a way to intercept communications sent from wireless laptops to the router – only data sent in the other direction. Nevertheless, there will be many eyes turned to next week’s PacSec conference in Tokyo where Tews says he will demonstrate the attack against WPA.

Depending on what is revealed, some companies may need to look again at their Wi-Fi security and adopt a higher level of encryption. WPA2 has not suffered from any cracks so far – maybe everyone should switch to that?

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.