WPA Encryption, Temporal Key Integrity Protocol (TKIP) has been partially hacked.
To do this, Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes, according to Dragos Ruiu, the PacSec conference’s organizer.
They have not, however, managed to crack the encryption keys used to secure data that goes from the PC to the router in this particular attack
The key things to note is:
- The TKIP key has been hacked, but they haven’t managed to crack the encryption keys for data…. yet.
- This involves WPA, not WPA2 which supports AES.
I personally started using WPA2 and completely disabled support for TKIP a long time ago. I’m sure it will eventually be cracked, but hopefully I’ll be using something else by then.
Another good idea is to always ensure sensitive info is done using HTTPS if you can help it.
Edit [11/8/2008 @ 11:49 AM EST]: More info.