According to PC World, WPA2/AES has been cracked in 1 min by 2 Japaneses (Toshihiro Ohigashi and Masakatu Morii)
Check out the paper that Toshihiro Ohigashi and Masakatu Morii wrote: http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%20on%20WPA.pdf
This exploit only involves TKIP and was published in the middle of July. The major issue with this new exploit was the speed of the crack, in about a minute!
I read the paper, and while I get drowsy reading anything about encryption, what I got out of this is that they have advanced the current attack which only involves cracking ARP frames. Now, I'm not saying it isn't newsworthy, but as I read it, the sky is not falling.
Now, I'm not saying it isn't newsworthy, but as I read it, the sky is not falling.
I'm with you on this one... the sky is kind of grey and overcast
Agree with GT and David.
Here are my 2 additional cents: the attack optimizes the packet injection phase only - earlier attack required 4 minutes for injecting new ARP packets, this attack requires 1 minute.
Please note that it still involves the 12 minute packet decoding phase that the earlier attack involved.
Is this just for WPA-Personal (PSK), or is WPA-Enterprise (802.1X) also effected?
Rick Murphy (CWNE, CWNT) has posted a great blog post here on cwnp.com giving his insights into this new frenzy around the hacking of WPA.