NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Immunitysec Daily Dave> 2009-q3

Re: [Dailydave] WPA attack improved to 1min, MITM

From: Dragos Ruiu (drkyx.net)
Date: Wed Aug 26 2009 - 11:12:24 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 26-Aug-09, at 8:29 AM, Mike Patterson wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Dragos Ruiu wrote on 8/25/09 10:11 PM:
>> The Beck/Tews WiFi WPA attack presented at PacSec has been improved
>> (down to 1 min, MITM) by 2 .jp researchers (Ohigashi, Morii)
>> http://bit.ly/clCpm Remember: avoid WPA/TKIP and force AES only
>> encryption in WPA2 - don't let your access point automatically fall
>> back
>> automatically to the insecure TKIP/WPA mode, to be safe. (At least
>> until
>> any WPA2 attacks are published ;-P)
>
> At the risk of sounding like a troll, this paper looks suspiciously
> like
> one of those stuffy old useless academic style papers that Dave warned
> us about a month or so ago. I don't see any links to conference
> proceedings in the sidebar on the page, but that's about all that's
> missing. There's even a (useful!) abstract published. How academy
> is that?
>
> Could it be that perhaps the anti-academics with chips on shoulders
> about ivory towers aren't entirely correct? Or is this a spasm of the
> dieing[sic] brontosaurus?

Should have put in this link to the full paper from the conf proceedings
page as someone already correctly pointed out: http://bit.ly/8qwQt

The research team is scheduled to present an implementation of the
attack at a conference on Sept. 25. (http://www.ieice.org/ken/paper/20090925faPH/eng/
).
(via YM Chen)

The attack seems to have wider applicability than the original Beck/Tews
variant it is based on as it uses chopchop during MITM without relying
on 802.11e QoS extensions like Beck/Tews does, but does require
interfering with AP and MITM which are additional complexity to
execution. (Hat tip: Cedric Blancher)

cheers,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Tokyo, Japan November 4/5 2009 http://pacsec.jp
Vancouver, Canada March 22-26 http://cansecwest.com
Amsterdam, Netherlands June http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp

_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]