Practical attack on WPA?

Fri Aug 28 10:56:10 EDT 2009

http://jwis2009.nsysu.edu.tw/location/paper/A%20Practical%20Message%20Falsification%20Attack%20on%20WPA.pdf

A Practical Message Falsiﬁcation Attack on WPA
Toshihiro Ohigashi and Masakatu Morii

Abstract. In 2008, Beck and Tews have proposed a practical attack on
WPA. Their attack (called the Beck-Tews attack) can recover plaintext
from an encrypted short packet, and can falsify it. The execution time
of the Beck-Tews attack is about 12-15 minutes. However, the attack
has the limitation, namely, the targets are only WPA implementations
those support IEEE802.11e QoS features. In this paper, we propose a
practical message falsiﬁcation attack on any WPA implementation. In
order to ease targets of limitation of wireless LAN products, we apply
the Beck-Tews attack to the man-in-the-middle attack. In the man-in-
the-middle attack, the user’s communication is intercepted by an  
attacker
until the attack ends. It means that the users may detect our attack  
when
the execution time of the attack is large. Therefore, we give methods  
for
reducing the execution time of the attack. As a result, the execution  
time
of our attack becomes about one minute in the best case.

                                                         -- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com