Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Major Flaw in Wi-Fi Protected Access Discovered


28 Dec 2011   #1
Brink
Microsoft MVP

64-bit Windows 8.1 Enterprise
 
 
Major Flaw in Wi-Fi Protected Access Discovered

Quote:
The now widely used Wi-Fi Protected Access (WPA) standard is apparently not as protected as router makers had hoped. According to a new study, the PIN codes used to lock down the system can be brute forced on many devices by inputting incorrect PIN codes. Millions of routers and access points could be affected.
Read more at:
Maximum PC | Major Flaw in Wi-Fi Protected Access Discovered


My System SpecsSystem Spec
28 Dec 2011   #2
lehnerus2000

Windows 7 Ultimate SP1 (64 bit), Linux Mint 17.1 MATE (64 bit)
 
 
I was just reading about that

Quote:
Summary: You know that easy to setup Wi-Fi access point or router of yours? It turns out that the easy to setup part is also easy to hack: Really easy to hack.
ZDNet
Wi-Fi Protected Setup is Busted | ZDNet

I've never trusted wireless.
My System SpecsSystem Spec
28 Dec 2011   #3
Total

Windows 7 Pro - 64 bit
 
 

hmmm
nsvander said ....

December 28, 2011 at 3:19pm
I actually just clicked the link, and you have the wrong terminology. You are confusing Wi-Fi Protected Access with Wi-Fi Protected Setup, the two are totally different.
My System SpecsSystem Spec
28 Dec 2011   #4
Qdos

 

I remember a Japanese guy saying well over a year ago that he would be able to crack WAP protection within two minutes using cracking software he'd developed on the very same principles, I'm sure it was published on El-Reg's website at the time...
My System SpecsSystem Spec
29 Dec 2011   #5
lehnerus2000

Windows 7 Ultimate SP1 (64 bit), Linux Mint 17.1 MATE (64 bit)
 
 

Quote   Quote: Originally Posted by Total View Post
hmmm
nsvander said ....

December 28, 2011 at 3:19pm
I actually just clicked the link, and you have the wrong terminology. You are confusing Wi-Fi Protected Access with Wi-Fi Protected Setup, the two are totally different.
I think that error has been fixed.

Since my wireless networking classes, I've always thought that the WPS (Easy Setup) was a disaster waiting to happen.

WPA-TKIP (Encryption) has been cracked.
http://en.wikipedia.org/wiki/Wi-Fi_P...hared_key_mode
http://en.wikipedia.org/wiki/Tempora...tocol#Security
My System SpecsSystem Spec
30 Dec 2011   #6
bigcitycat

Windows Seven, Ubuntu
 
 

You should read the links you post before commenting.
My System SpecsSystem Spec
30 Dec 2011   #7
lehnerus2000

Windows 7 Ultimate SP1 (64 bit), Linux Mint 17.1 MATE (64 bit)
 
 

Quote   Quote: Originally Posted by bigcitycat View Post
You should read the links you post before commenting.
Sorry?
I think that the links make it clear that WPS and WPA-TKIP are now vulnerable.

WPS (Easy Setup) can be broken by a "brute force" attack.
http://sviehb.files.wordpress.com/20...hboeck_wps.pdf

WPA-TKIP (Encryption) has been broken by at least two different groups of researchers (and a "blogger").
Quote:
Another dozen used WPA (Wi-Fi Protected Access), with the built-in Temporal Key Integrity Protocol (TKIP) security protocol. There, I used a rainbow table, a list of the most common WPA passwords, to pop open APs almost as quickly as I could open up a coke bottle. I also managed to pry open a pair of routers using WPA2 (Wi-Fi Protected Access 2) with TKIP using rainbow table.
ZDNet
Firesheep’s Real Lesson: Take Wi-Fi Security Seriously | ZDNet
My System SpecsSystem Spec
30 Dec 2011   #8
Dude

Windows 8.1 Pro + Windows 10
 
 

So is AES still decent, or has it been broken too/
My System SpecsSystem Spec
30 Dec 2011   #9
lehnerus2000

Windows 7 Ultimate SP1 (64 bit), Linux Mint 17.1 MATE (64 bit)
 
 
CCMP (AES) is still good

Quote   Quote: Originally Posted by Dude View Post
So is AES still decent, or has it been broken too/
Currently AES is "still standing".
Who knows for how long though.

Quote:
If you really want to secure a Wi-Fi network in 2010 you must use WPA2 with Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), aka Advanced Encryption Standard (AES).
ZDNet
Firesheep’s Real Lesson: Take Wi-Fi Security Seriously | ZDNet


Quote:
The authors say that the attack can be defeated by deactivating QoS, or by switching from TKIP to AES-based CCMP.
Wikipedia
Wi-Fi Protected Access - Wikipedia, the free encyclopedia
My System SpecsSystem Spec
31 Dec 2011   #10
Qdos

 

I'm a little confoosed... what I'm seeing in the news concerns the weakness of the WPS PIN for assigning a security key across wireless devices from a router which is WPS equipped.

Many months ago there were claims of WEP security being crackable.

Most of us know to use stronger methods of encryption.

The present issue appears to relate uniquely to WPS and the PIN number generated as being vulnerable.

Wi-Fi Protected Setup easily unlocked by security flaw ? The Register
My System SpecsSystem Spec
Reply

 Major Flaw in Wi-Fi Protected Access Discovered




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 07:43 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App