Is it Safe in the Wireless Waters
Friday, October 16, 2009 11:00
Just when you thought it was safe to use wireless, along comes a new attack on wireless encryption. WEP (Wired Equivalent Privacy), the oldest form of wireless encryption, has not been safe to use for quite some time, and I would recommend you use one of the other wireless encryption methods mentioned in this article if you are still using WEP. The information or data that you send or receive on your wireless connection can easily be captured and read by others if you don’t encrypt that traffic. This article will help you make necessary changes to your wireless network.
WPA Attack Details
In late August or early September, a computer researcher out of Japan developed a way to break or crack the WPA (Wi-Fi Protected Access) encryption which is the next higher level of wireless encryption after WEP. The man-in-the-middle attack method developed by the computer researcher allows the attacker the ability to read the encrypted data sent between computers and some types of routers that use WPA. Previously, it had been shown by researchers that WPA could be broken but it has not been until now that an actual attack method has been developed and shown to work.
The attack works only with devices using WPA with the TKIP (Temporal Key Integrity Protocol) algorithm. WPA-TKIP was developed after WEP was cracked and was meant to be a short-term fix to the WEP problem. Later, WPA with AES (Advanced Encryption Standard) was developed and implemented to replace WPA-TKIP. The problem is that WPA-TKIP is still being used by many devices.
Protection Against the Attack
At this time, the WPA attack method only works against WPA when using TKIP algorithm so you can use WPA with AES algorithm or switch to WPA-2 which is currently the highest level of wireless encryption. If I was making changes to my wireless network, I would switch to WPA-2. The only thing that might be an issue with WPA-2 is the age of your wireless devices. Wi-Fi certified products have had to support WPA-2 since early 2006. If your wireless products are newer than 2006, there should not be a problem switching to WPA-2. If you are unsure which encryption method you are using, log into your wireless router to find out. If your device supports it, you should be able to switch from WPA-TKIP to WPA-AES using the router’s interface . The router’s interface should also be the place to switch to WPA-2 if your product supports this level of encryption. If you are still unsure, look in your product documentation or contact your vendors directly for support.
Related posts: