A researcher at ICSA Labs has reported that some implementations of Wi-Fi Protected Access (WPA), a standard for cryptography of data on Wi-Fi networks, can be compromised through a dictionary attack. Robert Moskowitz, senior technical director at ICSA Labs, detailed the . . .
A researcher at ICSA Labs has reported that some implementations of Wi-Fi Protected Access (WPA), a standard for cryptography of data on Wi-Fi networks, can be compromised through a dictionary attack. Robert Moskowitz, senior technical director at ICSA Labs, detailed the attack scenario in a paper published yesterday.

Not all WPA-based networks are vulnerable. Those most at risk, according to the paper, are the ones that use the "pre-shared key" method for passphrase generation. Most implementations of WPA, in order to make use of the cryptography accessible to unsophisticated users with normal home computing equipment, allow users to enter a common shared phrase into a WPA user interface on the computer. This phrase, along with the SSID, the visible name for the network, is transformed mathematically into a key used by the cryptography routines. Other key management techniques are available to WPA, but these generally require more expensive and complex network management equipment, such as authentication servers.

The link for this article located at EWeek is no longer available.