A joint research team, including the RIKEN-MIT Center for Information Science and Policy and Department of Computer Science at the University of Tokyo, wrote a study in the 19th issue of the IEEE Transactions on Information Forensics and Security on the issue of interception of public Wi-Fi connections at facilities such as wireless local area network (WLAN) access points.
The study demonstrated that eavesdroppers can create a list of the various networks’ login IDs and passwords used in a wireless internet connection. It also found out that a hidden key replay attack can be used to steal communication data.
The joint research team said the attack method cannot work on WPA2 (Wi-Fi Protected Access) because of the cryptographic algorithm.
“The attack method can be carried out and used against various devices using their default passwords. It can also be used against generic operating systems by modifying system drivers. The attack method can also be deployed on both IPTV and AP systems through manufacturers’ own software,” the study said.
The joint research team said the attack method cannot work on WPA2 (Wi-Fi Protected Access) because of the cryptographic algorithm. It said it also must be made clear that the attack method does not work on secure communications, including “TCP/IP” networks such as the “IPv4” network used in the IPv6 “Internet Protocol.”