{"id":2308,"date":"2003-11-06T00:00:00","date_gmt":"2003-11-06T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2003\/11\/06\/weakness-reported-in-wireless-security-protocol\/"},"modified":"2021-12-30T11:41:02","modified_gmt":"2021-12-30T11:41:02","slug":"weakness-reported-in-wireless-security-protocol","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2003\/11\/06\/weakness-reported-in-wireless-security-protocol\/","title":{"rendered":"Weakness Reported in Wireless Security Protocol"},"content":{"rendered":"<p>A researcher at ICSA Labs has reported that some implementations of Wi-Fi Protected Access (WPA), a standard for cryptography of data on Wi-Fi networks, can be compromised through a dictionary attack.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Most implementations of WPA, in order to make use of the cryptography accessible to unsophisticated users with normal home computing equipment, allow users to enter a common shared phrase into a WPA user interface on the computer.<\/p>\n<p>Other key management techniques are available to WPA, but these generally require more expensive and complex network management equipment, such as authentication servers.<\/p>\n<p>Moskowitz states that after sniffing a few packets of data from certain points in Wi-Fi standard communication, an attacker could use a &#8220;dictionary attack&#8221; on the data offline in an attempt to guess the passphrase.<\/p>\n<p>According to Moskowitz: &#8220;A key generated from a passphrase of less than about 20 characters is unlikely to deter attacks.<\/p>\n<p>More info: [url=http:\/\/www.eweek.com\/article2\/0,3959,1375027,00.asp?kc=EWRSS03119TX1K0000594]http:\/\/www.eweek.com\/article2\/0,3959,1375027,00.asp?kc=EWRSS03119TX1K0000594[\/url]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[],"class_list":["post-2308","post","type-post","status-publish","format-standard","hentry","category-warnings"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2308"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2308\/revisions"}],"predecessor-version":[{"id":4795,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2308\/revisions\/4795"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}