Must Read Books   My Server   Web   Music

Archive | Security RSS feed for this section

WPA-PSK – Cracking Approaches

Wi-Fi Protected Access (WPA) is one of the most popular security protocols for wireless data encryption. As it is already known, WPA-PSK which represents the personal mode of WPA is proved to be vulnerable to dictionary attacks. The fact that the initial 4-way handshake which is performed between the AP and the Client is transmittedunencrypted, gives to the attacker all the needed information in order to start an off-line attack. Until now, there are several groups and companies that investigated this kind of attack [ 1, 2, 3, 4 ] and tried to optimize the entire process. The usage of hardware with additional computational power, such as the low-level Field Programmable Gate Arrays (FPGAs) or the in parallel processing that Graphics Processing Units (GPUs) offer, revealed interesting approaches that could be followed for pre-computations and searching. The idea of pre-computed Lookup Tables might go back in time, however it constitutes a great technique. More precisely, in the case of WPA-PSK they are able to spare uscomputational time and power, since the 4096 HMAC_SHA1 iterations that are needed will be performed beforehand. Of course, the level of security that WPA-PSK is stillrelatively high for today’s hardware capabilities. The population of all possible keys is salted by using the SSID of the wireless network and that makes the already difficult task of applying dictionary attacks, even harder. Imagine, that if someone wants to try every single password, a simple glance would reveal that computations needed areimpossible to be performed in a logical time frame. There are 95 printable ASCII characters and the pass-phrase could be 8-63 characters, covering only the case of one SSID. That leave us with something like 95^63 possible keys for a single SSID test. This topic could be further approached by using additional cryptography acceleration. What if we used dedicated hardware, such as the Intel EP80579 Processor (aka Tolapai), which is meant to accelerate cryptographic computations at a significant low per wattpower consumption. This task could involve a number of important interesting issues for further experiments, such as:

  1. Time-Memory trade-offs.
  2. Optimizations of Data Transferring.
  3. Generation of new Lookup Tables on the fly.
  4. Creation of sophisticated pass-phrases and SSID dictionaries.
  5. Building a small Diskless Cluster

Additional details: Download

Comments are closed