WPA Encryption Cracked – What now?

It’s been all over the blogs and tech news lately: Researchers have found a way to crack WPA encryption in less than 15 minutes! How does that affect you as the consumer? Should you be concerned? Short answer: No, not really.

First of all, what exactly is WPA encryption and what does it do for you, the consumer?

WPA stands for “Wi-Fi Protected Access” and is the latest encryption algorithm for wireless networks. It encrypts the data you send and receive through the air when you are using your Wi-Fi network. Its predecessor WEP (Wired Equivalent Privacy) had been considered unsafe for a long time already and can be cracked very easily.

If your wireless network is secured with WPA, it used to mean that people from the outside (those who don’t know your WPA password) would not be able to hack into your network and do things like use your Internet connection, access your personal files, or even read your emails while you send them.

Up until now, WPA was considered to be a safe bet against these data spoofs and used throughout the corporate world to keep data thieves out. However, this has now changed, “thanks” to the work of Erik Tews, a German cryptography researcher, who demonstrated a method that shows the flaws in WPA encryption. These flaws allow him to crack your WPA key within a maximum of 15 minutes.

Luckily, there already is a new encryption method that has not been cracked yet. WPA2 uses more advanced algorithms to keep your data secure. The problem with WPA2, however, is that only new laptops and routers are supporting it, but, in today’s fast paced computer world with people upgrading their systems more and more frequently, that won’t be an issue for very long.

In any event, for you the consumer, there is not too much to worry about at this point. People still have to go through a considerable amount of trouble to hack WPA secured networks and unless they have a very good reason, will probably not go through the hassle just to access your wireless network. I do recommend you using more than WEP to protect your home wireless network, and while WPA2 is certainly better than WPA, I wouldn’t start updating my hardware just for that.

If you want to be on the absolute safe side, I’d recommend using a VPN product to add an additional layer of encryption to your Internet traffic. That way, nobody could ever see what you are doing online, including those people who have access to the same wireless network as you, be it because they hacked your WPA key or because you happen to be in a public hotspot (at your local Starbuck for example). If that’s of interest to you, have a look at HotSpotVPN2 or, for a more sophisticated and more user-friendly solution, see Steganos Internet Anonym.