Submission: Latest Hype on Broken WPA Is Incorrect (wifinetnews.com)
Glenn Fleishman writes: "The hullabaloo about "WPA cracked in sixty seconds" that Slashdot linked to and that's all over the Internet is entirely incorrect, and it's not what the Japanese academics claim in the paper to which everyone links. The researchers found a way, using a physical man-in-the-middle relay, to speed up last year's exploit in the TKIP key method (in WPA and WPA2) that allows a falsified packet to be sent to a client when the packet is short and contains mostly known information. ARP packets are the example.
The Japanese paper is very clever, and it reduces the time to break a key 37 percent of the time to one minute, but it requires a very specific physical insertion, and it doesn't provide key recovery of the TKIP key material. It only recovers a single per-packet key used in the MIC packet integrity checksum.
The recommendation to move to AES-CCMP, available only in WPA2, is a good one. But TKIP is simply not broken, nor is "WPA" broken."