Looks like the whitepaper has been published. (Found via SANS) http://dl.aircrack-ng.org/breakingwepandwpa.pdf
"Practical attacks against WEP and WPA<http://dl.aircrack-ng.org/breakingwepandwpa.pdf>" (from aircrack-ng website <http://www.aircrack-ng.org/doku.php?id=links>) On Fri, Nov 7, 2008 at 11:08 AM, Mike King <[EMAIL PROTECTED]> wrote: > > > On Fri, Nov 7, 2008 at 9:22 AM, Daniel Bennett <[EMAIL PROTECTED]> wrote: > >> Is it that WPA is cracked or TKIP. If it is only TKIP then WPA/WPA2 with >> AES is still fine, correct? Also, I have been wondering what the difference >> between WPA and WPA2 is. > > > This ended up being on of the first google hits, and had a pretty basic > primer on it. > > http://www.dd-wrt.com/wiki/index.php/WPA/WPA2 > > As a tie back to the main discussion, I found this networkworld article as > well: > > It was written by Joshua Wright of Aruba Networks in September of 2006. > > http://www.networkworld.com/columnists/2006/091106-wireless-security.html > > It was interesting that he notes: > It is important to note, however, that TKIP was designed as an interim > solution for wireless security, with the goal of providing sufficient > security for 5 years while organizations transitioned to the full IEEE > 802.11i security mechanism. While there have not been any catastrophic > weaknesses reported in the TKIP protocol, organizations should take this > design requirement into consideration and plan to transition WPA networks to > WPA2 to take advantage of the benefits provided by the RSN architecture. > > I guess we can't say we weren't warned. > > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.