If you think your home wireless network is all locked down just because you’ve added WPA encryption, it may be time to lock the doors, dig out those old Ethernet cables, and start wiring up the house. This week, a team of researchers will unveil a method for bypassing the popular WPA-TKIP encryption standard, along with a tool for doing it.
The duo from the Technical University of Darmstadt, Germany will unleash their crack at this week’s PacSec security conference in Tokyo. The team has already detailed the exploit though, in a paper entitled Practical attacks against WEP and WPA [PDF], which they released through the group Aircrack-ng. In it, they detail a method for gaining access to the flow of data from router to PC, allowing hackers to potentially slide their own packets of data into a stream and pass them off as coming from a router. Though it allows third parties to toy with the data flow in a network, it isn’t a “key recovery” technique, meaning it doesn’t open up full access to a network the way actually knowing the proper key does.
Home WPA-TKIP users worried about their privacy can transition to either the stronger WPA-AES encryption, or WPA2.