WPA Wi-Fi encryption can be cracked in 60 seconds

It was less than a year ago that we reported how security researchers were able to crack the WPA Wi-Fi encryption protocol in less than 15 minutes — no someone claims to have done it in less than one minute.

Two researchers at Kobe University in Japan claim to be able to defeat the WPA encryption used by Wi-Fi routers within 60 seconds — but they’re not saying how until 25 September, when they’ll detail their findings at the IEICE Technical Conference .

The hack makes it possible to intercept encrypted traffic sent between a Wi-Fi router and a connected computer and is essentially a variant on the WPA hack first detailed last year . Then, a German graduate student was able to inject data into a WEP-encrypted data stream that would appear to have been sent by the router.

It’s worth noting that both hacks only affect WPA traffic that has been encrypted using the TKIP (Temporal Key Integrity Protocol) algorithm and changing a router’s configuration to use AES (Advanced Encryption Standard). Alternatively, simply switch to the WPA2 protocol if your router supports it. It’s worth noting that most routers also offer a TKIP/AES encryption option — this is still vulnerable, so it’s best avoided.

If this news does prompt you to mess with your Wi-Fi router settings, here are a couple of extra tips for improving its security. First, don’t be fooled into thinking that hiding its SSID is a security measure — it isn’t. Second, choose a long-winded password of 20 characters or more. This can be memorable, but should include a mix of numbers, spaces and punctuation that make it hard to guess and difficult to crack with brute force methods.

[via Tom's Guide]