Just saw this on one of my RSS feeds
http://www.pcworld.com/businesscenter/article/153396/once_thought_safe_wpa_wifi_encryption_is_cracked.html
The short list of points:
1. Only affects WPA (NOT WPA2)
2. Only affects TKIP (NOT AES)
3. Only affects traffic from router to PC (NOT PC to router)
Can also be used to send bogus info from router to PC
4. Takes approx 12-15 minutes to crack key
5. Some of the code used to demonstrate this was added to Aircrack-ng two
weeks ago.
Authors state this is not the dictionary attack that has been around for
awhile, but a new way to "trick" the router into sending the attacker larges
amount of data, and a new cryptographic attack that decodes the WPA TKIP
key.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
