Academic researchers have found an exploitable hole in a popular form of wireless networking encryption. The hole is in a part of 802.11i that forms the basis of WiFi Protected Access (WPA), so it could affect routers worldwide. German graduate student Erik Tews will present a paper at next week’s PacSec in Tokyo coauthored with fellow student and aircrack-ng team member Martin Beck that reveals how remnants of WPA’s predecessor allow them to slip a knife into a crack in the encryption scheme and send bogus data to an unsuspecting WiFi client.

In an interview from Germany, where he is a PhD candidate studying encryption at the Technical University of Darmstadt, Tews explained that an existing attack on Wired Equivalent Privacy (WEP) was modified to provide a slim vector for sending arbitrary data to networks that use the Temporal Key Integrity Protocol (TKIP). (Tews’ collaborator Beck is a student at the Technical University of Dresden; Tews credits Beck with the discovery, after which they jointly developed the paper that Tews will present at PacSec.)

With the Tews/Beck method, an attacker sniffs a packet, makes minor modifications to affect the checksum, and checks the results by sending the packet back to the access point. “It’s not a key recovery attack,” Tews said, “It just allows you to do the decryption of individual packets.” This approach works only with short packets, but could allow ARP (Address Resolution Protocol) poisoning and possibly DNS (Domain Name Service) spoofing or poisoning.

The paper, Practical Attacks against WEP and WPA, is now available for download.

So even though TKIP is not broken, the best way to protect your network is by switching from TKIP to AES with a relatively random password at least 20 characters long.

A multi-ovation demo from TED2008. (Recorded March 2008 in Monterey, California. Duration: 05:40.)