Researchers have since discovered a flaw in WPA that relied on older weaknesses in WEP and the limitations of the message integrity code hash function, named Michael, to retrieve the keystream from short packets to use for re-injection and spoofing.
What I don't understand then why to "promote" it in the way that it would be enough secure ("medium security")? From my point of view that means it is actually secure because it's not weak. But in reality it just all comes down to the complexity and length of the key (which isn't mentioned) and there is also no hint that a 8 digit key for example is weak - like the hint you get when filling out the router password form:
So I could choose the "medium security" WPA-PSK with a (weak) 8-digit long key that can be "hacked" in maybe 100 seconds by just sniffing a handshake and cracking it locally against a wordlist. For me this is like the opposite from secure.
You might wanna laugh but I used to own a device that was only capable of working with WEP and well, no fricking way that I would downgrade my wifi to make it work for it. Same would apply for me to WPA too.
I would say use WPA3, unless you cannot. In that case WPA2 is still a viable option. But WPA or even WEP in 2022 shouldn't really be promoted by any means IMHO.
In my experience, WPA3 is unuseable still. At least most of my devices refuse to function with it, while WPA2 works perfectly well. Most people have an older device here and there that won't work with WPA3, which is why I don't yet recommend it.
Same for me, so I stick with WPA2 at the moment which should be a secure option specially when also opting in for some additional protection (like 802.11w Management Frame Protection or key reinstallation (KRACK) countermeasures).
But to tell someone to downgrade his WIFI to WPA (with the same weak RC4 cipher base that WEP used btw.) because a device can't speak WPA2?
I would say no way!
If your device can't connect to a WPA2 AP than just wire that device or replace it with a more recent one (from like the last ~18 years) that supports WPA2 but don't ever downgrade your wifi to WPA or WEP, better than just go with a open network (no encryption) because than there is no doubt about any "security"
So I just made a test setup with the "medium security" settings exactly like in the screenshot using a ready made python script which possession could be already a crime in various countries (so I don't bother naming or linking it here) and it took around 80 seconds to have the pre shared key printed in the terminal. Cracking the captured handshake was blazing fast (Cracking WPA Handshake: 100.00% ETA: 0s @ 18711.5kps) and most time consuming is actually the script running and de-authing of the clients (not sure why but the script waits quite a long time before doing that).
Also mentioning that this is probably not the most efficient way - some preferred methods like the PMKID attack were skipped by the script b because missing tools installed on my system.
So should this still really still be calledmedium security without even checking for a weak key (like it is done already with the router password)
and if you look closely you will see that the key field
only contains numbers ()
It's also not really about how to improve the strength of the pre shared key here (that can be done reasonable well within the 63 character limit) but why the "false impression" by the openwrt luci gui is given that such a setup with a 8-digit-key (which can be "hacked" in 80 seconds) is considered still in the category "medium security"
Just thinking that this RC4 encryption algorithm used by WPA (and WEP) is already considered unsafe since many years and probably all major browser have it treated as "unsecure" or even disabled by default already for TLS
We can break a WPA-TKIP network within an hour. More precisely, after successfully executing the attack, an attacker can decrypt and inject arbitrary packets https://www.rc4nomore.com/#faq
Guess because of the weak cipher even with a 63 long and very complex passphrase a WPA-PSK (with default TKIP cipher) setup openwrt device can be exploited within an hour (yes, the one with the "medium security" )
As there is apparently no interest in changing this "situation" this topic can get closed
I don't have the rights to do so and the only thing some one holding that power was doing in this thread was to change the wording from openwrt to OpenWrt. For me that indicates lack of interest
For sure the step of marking WPA insecure could also be directly omitted and it could be directly be deleted from the official builds (like WEP). I'm not aware of any device that does support WPA but at the same time doesn't support WPA2 (for WEP that was a different case but it is already long gone....)
I don't need that because I'm aware of the (in)security of WPA and would never consider it a option to use.
This was mend for a broader audience (official builds) who one may will think - "medium security" sounds good I'll take that - without knowing that they have choosen the weakest possible option which could be defeated within an hour (with the default RC4 encryption algorithm) even when they choose a very complex 63 long pre shared key
These labels were added a while ago because people complained that all crypto choices were listed without giving any indication of their strength. Back then, the range was WEP to WPA2, so WEP was dubbed low, WPA medium and WPA2 strong.