PC World reports today that the once full-proof wireless encryption standard, WPA, has been partially cracked by Erik Tews and Martin Beck - two researchers which are due to make an appearance in the PacSec applied security conference next week.

Erik Tews was involved previously with developing new ways to crack the older, and shown to be weak, WEP method of wireless security. He has now developed an attack, along with Martin Beck, that can compromise the TKIP protocol within 15 minutes – much less time than was previously thought possible.

TKIP is a wrapper protocol that surrounds the old WEP encryption, essentially turning the once weak WEP into the thought to be stronger WPA. The encryption standard hasn’t fully been cracked however as the data was decrypted from the router to the PC and not from the PC to the router. So even though the password you type in to your browser is safe, the data coming back that might contain your bank balance won’t be. I’m sure it will just be a matter of time before it’s fully broken.

For those who are worried, WPA2, the latest version, does not suffer from the same flaws, but is also not available on every router and PC. If you have the latest service pack for Windows XP, or Windows Vista, WPA2 is built in, but you’ll have to verify that your router supports it too.