According to PC World the days of securing your WIFI network using Wi-Fi Protected Access (WPA) may be over, as researcher Erik Tews will show how he was able to crack WPA encryption in around 15 minutes at a the Tokyo PacSec Conference in two weeks time.
WPA was designed to overcome the insecurities in hacked Wired Equivalent Privacy (WEP) which can be hacked in a few minutes using a modern laptop.
Erik Tews will be demonstrating how he cracked the WPA encryption to read the data being sent from a router to a laptop.
To read the data being sent Tews found a way to crack the Temporal Key Integrity Protocol (TKIP) key without resorting to using a dictionary attack which, security experts have agreed that the protocol might be vulnerable too.
Although this is a big step Tews was still unable to crack the keys used to encrypt the data being sent back to the router from the laptop.
If the demonstration lives up to its headline then the days of WPA look to be numbered. This would come as a big blow to both consumers and corporations alike.
WPA is the most common standard of encryption in uses but, there is also a newer more secure standard WPA2, (which uses Advanced Encryption Standard (AES) and is unaffected), although support is still patchy. Consumer may find they are forced to still rely on the now unsecure WPA encryption to connect their devices to the network.
For Business this is even bigger headache. The TJ Maxx chain had hundreds of millions of customer details stolen due in part to the fact that they were still using the cracked WEP standard. It"s easy to see a situation where hackers may try to do the same using WPA forcing corporate users to VPN or WPA2 dumping devices that can"t support these protocols.