Once thought safe, the WPA standard used by countless wireless routers has been revealed to be vulnerable- but only in theory, for now.

Security researchers say they’ve developed a way to partially crack the Wi-Fi Protected Access (WPA) encryption standard that is used to safeguard data on many wireless networks.

Researcher Erik Tews was to demonstrate the attack at the PacSec conference in Tokyo in mid-November. Cracking WPA encryption could be exploited to read data being sent from a router to a laptop, or to send bogus information to a client connected to the router.

Tews and coresearcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, which WPA uses, in a relatively short 12 to 15 minutes, says Dragos Ruiu, the PacSec conference’s organizer.

In this particular attack, however, they have not managed to crack the encryption keys used to secure data sent from the PC to the router.

WPA, widely used on today’s Wi-Fi networks, is considered superior to the original WEP (Wired Equivalent Privacy) standard, which most security professionals now deem insecure. Retail store chain T.J. Maxx was in the process of upgrading from WEP to WPA encryption when it experienced one of the most widely publicized data breaches in United States history, in which hundreds of millions of credit card numbers were stolen over a two-year period. The new WPA2 standard is considered safe from the recently developed attack.

“Everybody has been saying, ‘Go to WPA because WEP is broken,’” Ruiu says. “This is a break in WPA.”

If WPA is significantly compromised, it would be a blow for business customers who have been increasingly adopting it, says Sri Sundaralingam, vice president of product management with wireless network security vendor AirTight Networks. Although customers can use other Wi-Fi technology such as WP A2 or virtual private network software that will protect them from this attack, many devices will still connect to the network via WPA, or even by way of the thoroughly cracked WEP standard, he says.

Click for more details:

Will encryption such as WPA reduce the performance of my 802.11n connection?

Yes, wireless encryption can slow the net data throughput of your wireless connection, but the impact should be only slight and not even noticeable unless you’re comparing detailed throughput measurements.

Encryption is a mathematical process that has to be applied to data before it’s transmitted and then again once the data is received. A well-designed encryption feature can achieve this at nearly line rate. But in actual practice, the encryption causes just a little latency, slightly slowing the data transfer. For most users, the benefit of wireless encryption far outweighs the slight performance
penalty.

To protect your wireless network, make sure you’ve activated security settings at the highest level that all of your devices support:

1) Use either WEP (Wired Equivalency Protocol) or WPA (Wi-Fi Protected Access).

2) Make sure that both your router or access point and all of the clients on your network share the same encryption key. Write down the key and put it in a safe place.

3) Also use any other means to lock down the wireless network that your access point offers, such as restricting the Media-Access Control (MAC) addresses that are allowed to access the wireless network.

4) Limiting the number of DHCP leases handed out to the number of computers you own. This can typically be done using the management interface of your wireless broadband router. These settings are usually under the Advanced or Security menus.

Click to protect your wireless access point.