Dear Goerge, GO> First of all, this was not a crack against WPA; it was a weakening of TKIP. That was exactly my point.
To the best of my knowledge and please correct me if I am wrong : GO> WPA != TKIP. WPA is an industry certification standard which mandates TKIP GO> encryption capability but leaves AES encryption optional. I'd even say it leaves CCMP optional, let's no confuse ourselves even more here and compare TKIP to AES - directly. In summary: There exists amongst others WPA-PSK-TKIP (RC4) aswell as WPA-PSK-CCMP (AES) TKIP = IEEE 802.11i - CCMP = IEEE 802.11i - CTR with CBC-MAC Protocol (CCMP). Both are refered to Robust Secure Network in IEEE 802.11i While TKIP might be weakened cracked - WPA - AFAIK isn't. GO> What this means is that people should add TKIP to the list of obsolete encryption GO> algorithms like WEP. This summarises it perfectly. -- http://secdev.zoller.lu Thierry Zoller _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
