TechTarget

WPA failing to protect wireless data, say experts

Standard Wi-Fi Protected...

Standard Wi-Fi Protected Access (WPA) and WPA2 encryption systems are no longer strong enough to protect wireless data following the release of Russian password recovery software, say security experts.

The Elcomsoft password recovery tool enables criminals to tap into the computing power of the latest nVidia graphics cards to speed up encryption key cracking times by up to 10,000 times.

Ken Munro, director of the penetration testing division of NCC Group, said the software enables distributed supercomputing using the spare resources of PC graphics cards in a business to greatly increase the speed of cracking pre-shared encryption keys.

"Cracking WPA keys used to be very time consuming, but with the speed of [graphics card] processors now, wireless keys are starting to look vulnerable," he told Computer Weekly.

Munro said anyone using the personal or pre-shared key (PSK) versions of WPA and WPA2 should use the maximum length of key characters to make them more difficult to crack.

Users with the technical ability should also ensure they are using the stronger Advanced Encryption Standard (AES) WPA encryption cipher instead of the weaker Temporary Key Initiation Protocol (TKIP).

"Most corporates should be using the much more resilient enterprise versions of WPA and they will be safe, but I have known some to use the personal version and they should upgrade as soon as possible," said Munro.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close