nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
 ·AT&T U-Verse
 ·AT&T Midwest
| reply to Matt26
Re: breaking 256 bit AES encryption
It might be breakable with brute force if you use a poor choice of your PSK key. That's why a key of at least 20 characters is recommended, preferably using a non-obvious string of characters.
Beyond that, AES has been well tested by cryptographers, and there is no known easy way of breaking it if the key is well chosen.
Technically speaking, brute force will always work. But if it will take billions of years of computation, we don't worry much about it and we consider it adequately secure. |
|
Matt26
join:2007-07-06 | so does this mean that the PSK is required in order for the encryption to be broken, or can it be broken without the key being known? |
|
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
·AT&T U-Verse
·AT&T Midwest
| Let me try rewording my answer.
The only known method for breaking AES is trial and error - testing possible keys until you find one that works. Cryptography researchers have not found any weakness such as might allow an easier way of breaking it.
Testing all possible keys would take billions of years, so does not pose a plausible threat.
Trial and error can be a lot faster with a dictionary attack - testing only keys obtained in dictionaries, dictionaries of phrase, etc. Likewise, trial and error restricted to short keys is a lot faster. As long as you choose a key that is long enough (20 or more characters is recommended), and is not a common word or phrase, there is no reason for concern.
--
AT&T dsl; Westell 327w modem/router; openSuSE 11.0; firefox 3.0.8 |
|
caedmon
@cox.net
| quote:
The only known method for breaking AES is trial and error
This is commonly called a "brute force attack". It is virtually impossible when using AES with a random 128 bit key at this time.
Important Note
The PSK key you configure has nothing to do with the keys used with the AES encryption. The PSK is used for authentication and as part of the algorithm used to setup the keys used by AES. The PSK is the only known weak point in WPA-PSK when using CCMP(AES encryption). If someone captures the initial 4 messages when a client first joins a network they can use a brute force attack on the PSK. If they crack the PSK they can decrypt those 4 messages and determine what the AES key is.
Each client negotiates a different AES key each time they join the network but knowing the PSK allows one to obtain the AES key used by that client if they capture the initial 4 messages when that client joins the network. |
|
Matt26
join:2007-07-06
| ok, just so i'm clear- there are two separate keys involved in WPA/WPA2- the PSK key (which would be the password/passphrase used to authenticate a user to the network) and an AES key used for the encryption of the data- and these AES keys change each time a client authenticates to the network. is this correct?
as far as a brute force attack is concerned- my understanding is that the more complex the passphrase the harder it will be to crack it, and i use a passphrase made of 63 random ASCII characters- so my guess is that this would be next to impossible for anyone to crack. would this be reasonable to assume?
thanks for all the replies. |
|
nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL | Yes, that's a very reasonable assumption. |
|
caedmon
@cox.net | reply to Matt26
Yes to both questions. |
|
KodiacZiller
join:2008-09-04
73368
| Brute forcing AES is simply out of the question and will likely always be out of the question, at least until quantum computing comes around (and even then it seems unlikely).
Someone above said it would take millions of years to brute force 128 bit AES. That is incorrect. It would take trillions of times longer than the age of the universe. And even then, the energy requirements would be so large that the energy of the sun would need to be harnessed. |
|
