WPA Wi-Fi Encryption Is Partially Cracked
Though only partially....
(old news - 06:03PM Thursday Nov 06 2008)
tags: business · wireless · security
Given that WEP (Wired Equivalent Privacy) can be compromised in a matter of minutes, many people now use WPA (Wi-Fi Protected Access) on their wireless routers. But security researchers now say they've developed a way to partially crack WPA, according to InfoWorld. Researchers have found a way to break the Temporal Key Integrity Protocol (TKIP) key used by WPA in a matter of twelve to fifteen minutes. They have not yet managed to crack the encryption keys used to secure data that goes from the PC to the router.

Sacurtis

join:2004-02-25
Prosper, TX

WPA Crack

So this basically means that someone can't sniff my data but they can get on my network....Correct?

LiamJunket
Premium
join:2002-03-03
Ocean City, NJ
·Comcast



Re: WPA Crack

said by Sacurtis See Profile :

So this basically means that someone can't sniff my data but they can get on my network....Correct?
Not exactly. They can see the data that is going TO the PC from the wireless router. They just can't see the data flowing FROM the PC back thru the router to the web host.
--
My BLOG .. .. Internet News .. .. My Web Page
Ask yourself one question: 'Do I feel lucky?' Well, do ya punk?

danza
Premium
join:2002-08-23
Seems like it.

They didn't mention AES at all in the article though.

LiamJunket
Premium
join:2002-03-03
Ocean City, NJ
·Comcast



Re: WPA Crack

said by danza See Profile :

Seems like it.

They didn't mention AES at all in the article though.
Read comments to the news item from PCWorld:
»www.pcworld.com/article/153396/

A thread in the Security forum discusses this:
»New method found to crack WPA - but not WPA2
Kearnstd
Elf Wizard
Premium
join:2002-01-22
Mullica Hill, NJ

So they cracked it, but it is still more secure than WEP. I'd still compare WPA-TKIP to a deadbolt on your door and no windows in reach of ground level. Someone can get in but they have to work at it.

WPA2-AES is more like a motion-sensing machine gun on the roof.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports

swhitney2003
I can't drive 55.
Premium
join:2003-06-13
NH
clubs:

Re: WPA Crack

What is no wireless then (only a hardwired lan)? :-P
BosstonesOwn

join:2002-12-15
Everett, MA
clubs:
·Comcast
·Comcast Formerly ..

Re: WPA Crack

said by swhitney2003 See Profile :

What is no wireless then (only a hardwired lan)? :-P
Smart ?
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!"

fireflier
Coffee. . .Need Coffee
Premium
join:2001-05-25
Limbo
·Skype


said by swhitney2003 See Profile :

What is no wireless then (only a hardwired lan)? :-P
Pissed off midget with a flamethrower.

Midget

@bellsouth.net

Re: WPA Crack

said by fireflier See Profile :

said by swhitney2003 See Profile :

What is no wireless then (only a hardwired lan)? :-P
Pissed off midget with a flamethrower.
LOL!

maartena
Nice'n Round.
Premium
join:2002-05-10
Orange, CA
·RoadRunner Cable

said by swhitney2003 See Profile :

What is no wireless then (only a hardwired lan)? :-P
Fort Knox, surrounded by a mile-wide moat, filled with mines and other unpleasantries.

GOtomtomGO

@comcast.net

Re: WPA Crack

Then I have mines.. and they're GREAT!!
TheMG

join:2007-09-04
Edmonton, AB
·TELUS
·TekSavvy Solutions..
·800Hosting.com
·Dreamhost
·Shaw


said by Kearnstd See Profile :

I'd still compare WPA-TKIP to a deadbolt on your door and no windows in reach of ground level.
Well, I'm not sure if I'd compare it to a deadbolt. I can pick the lock on a standard deadbolt in just a couple minutes using makeshift tools. I'm no locksmith either.

And this WPA cracking isn't quite available to the masses either, unlike WEP cracking.

Unless of course the key is a weak one, in which case it can be brute forced within a reasonable time frame. Good luck brute forcing a WPA key of 63 random characters (I think that's what the max is).

BIGMIKE
Premium
join:2002-06-07
Westminster, CA

Hacking Wireless Network is old news

Apr 05, 2005
Feds Hack Wireless Network in 3 Minutes
»hardware.slashdot.org/article.pl···from=rss

Turbo-charged wireless hacks threaten networks

Graphics cards encryption skulduggery

By John Leyden

Posted in Enterprise Security, 10th October 2008 12:25 GMT

»www.theregister.co.uk/2008/10/10···hacking/

The latest graphics cards have been used to break Wi-Fi encryption far quicker than was previously possible. Some security consultants are already suggesting the development blows Wi-Fi security out of the water and that corporations ought to apply tighter VPN controls, or abandon wireless networks altogether, in response.
battleop

join:2005-09-28
00000

Re: WPA Crack

Your first example is about cracking WEP which is old news. This article is talking about cracking WPA, so they are not related.

Your second example is not really cracking the WPA key, it's just a faster brute force attack.
cooperaaaron

join:2004-04-10
Plainfield, IL
Let's say I had a computer with two graphics cards, why can't someone come up with a way to use one of the graphics cards (or some card that could be installed in a slot) when it is idle or lightly used, to encrypt data?

BloodRoses
Gods lend wings to tainted hearts
Premium
join:2003-03-17
clubs:
·Cox HSI
·Verizon Online DSL

Re: WPA Crack

Apple is doing something very similar to what you describe, or at least they're making it possible.

»en.wikipedia.org/wiki/OpenCL
--
Faerie Blessings,
Stephanie - www.GlitterFaerie.com
keyboard5684

join:2001-08-01
Youngsville, PA
·Teliax VOIP
·WestPAnet Inc.
·WestPAnet Inc. CA..
·Verizon Online DSL

Re: WPA Crack

This is the same concept as a Cisco card that is used, an AIM module, which offloads the encryption onto that processor to take away from the main CPU.

Long ago, this is old technology, and can certainly be applied to wireless networks.

If you are that paranoid then simply create a VPN, dial into the VPN over the encrypted wireless access point, and then they would have to break the wireless and the extremely complex encryption with 3DES and other complex technologies long developed.

Geez...

bentman78
Bentley

join:2004-04-16
Arlington, VA
soekris also has a card.
»www.soekris.com/vpn1401.htm
It's been out for quite a while. ..

tschmidt
Premium,MVM
join:2000-11-12
Milford, NH
·Verizon Online DSL
·Fairpoint Communic..

said by cooperaaaron See Profile :

some card that could be installed in a slot) when it is idle or lightly used, to encrypt data?
The problem is not encryption it is key management. AES is very secure.

Key management is the weak point of most privacy schemes. The Enigma machines used by Germany during WWII were quite good. It was the way Germans created the daily key that allowed Alan Turing to crack the codes. If Germans used better keys and prefixed messages with random data (like the Allies did) most likely even the brilliant Turing would have been stymied.

/tom

Rabbit7766

@isnet.net
Err... that's WEP hacking in 2005. This is WPA cracking, slightly more complex, but still easy to do.

swhitney2003
I can't drive 55.
Premium
join:2003-06-13
NH
clubs:

WPA2

Soon enough WPA will be the new WEP. Thank goodness for another change of style, AES. Is there any word on a WPA3 (or whatever the next gen might be)?

tmh

@qwest.net

Not news

TKIP has its foundations in WEP. The main improvement being that a new key was generated every X minutes. It looks like someone's figured out a faster way to break WEP?

True?

Looks like AES is still secure.

LiamJunket
Premium
join:2002-03-03
Ocean City, NJ
·Comcast

Re: Not news

said by tmh :

TKIP has its foundations in WEP. The main improvement being that a new key was generated every X minutes. It looks like someone's figured out a faster way to break WEP?

True?

Looks like AES is still secure.
Even if you are using WPA/TKIP, you can still better your odds by changing the "Key Renewal interval" in the wireless router from the usual default 3600 secs (60 mins) down to say 600 secs (10 mins). That should bring it under the time needed to crack the key. By the time they crack the key, it would already be changed.

tmh

@qwest.net


from:
LiamJunket See Profile

Re: Not news

said by LiamJunket See Profile :

Even if you are using WPA/TKIP, you can still better your odds by changing the "Key Renewal interval" in the wireless router from the usual default 3600 secs (60 mins) down to say 600 secs (10 mins). That should bring it under the time needed to crack the key. By the time they crack the key, it would already be changed.
'Tis funny you mentioned that. 5 years ago when I was running TKIP routers, I switched the key interval to 300 seconds. It wasn't adversely affecting performance, so I figured "why not?".

tmh

tschmidt
Premium,MVM
join:2000-11-12
Milford, NH
·Verizon Online DSL
·Fairpoint Communic..

said by LiamJunket See Profile :

By the time they crack the key, it would already be changed.
That does not address the problem. Since previous transmissions can be recorded it does not matter (within reason) how long it takes the attacker to crack encryption. Once cracked plain text is readable. Whatever was communicated is now known to the attacker.

/tom

LiamJunket
Premium
join:2002-03-03
Ocean City, NJ
·Comcast

Re: Not news

said by tschmidt See Profile :

said by LiamJunket See Profile :

By the time they crack the key, it would already be changed.
That does not address the problem. Since previous transmissions can be recorded it does not matter (within reason) how long it takes the attacker to crack encryption. Once cracked plain text is readable. Whatever was communicated is now known to the attacker.

/tom
It does matter, because the data that has to be collected in order to successfully decrypt it exceeds a 12 to 15 min collection timeframe. If the key changes BEFORE they can collect 12 to 15 mins worth of data, then the decryption process won't succeed. At least that is how I understand the process from several different writeups.

tschmidt
Premium,MVM
join:2000-11-12
Milford, NH
·Verizon Online DSL
·Fairpoint Communic..

Re: Not news

said by LiamJunket See Profile :

If the key changes BEFORE they can collect 12 to 15 mins worth of data, then the decryption process won't succeed. At least that is how I understand the process from several different writeups.
I am not a cryptanalyst nor do I play one on TV. My understanding is they spoof the system into sending a big chunk of data, then it only takes 12-15 minutes to extract the key. If the key is changed more often, the recovered key cannot be used to actively communicate but will be able to convert messages to plain text.

As an aside WPA was always considered an interim scheme until WPA2 could be officially approved. This is an interesting, but not devastating, attack as I assume most sites are using WPA2 to replace WEP.

/tom

ieolus
Support The Clecs

join:2001-06-19
Duluth, GA

Re: Not news

You guys should stay at a Holiday Inn Express tonight and then come back here to finish the discussion tomorrow.
--
"Speak for yourself "Chadmaster" - lesopp

ftthz
If love can kill hate can also save

join:2005-10-17

.

Interesting... means people have to upgrade to WPA2

scooby
Premium
join:2001-05-01
Chicago, IL

Everything is crackable...

Like I have said for years now. If it is human made, a human can crack it. It is just a matter of time.

Obviously the amount of time depends on the level of interest.

R.I.P. CSS - 1999
R.I.P. WEP - 2001
R.I.P. AACS - 2007
R.I.P. BD+ - 2008

AACS and BD+ cracked for sure? Who knows but there are lots of programs out there to let you get around it. That is close enough in my book.

tschmidt
Premium,MVM
join:2000-11-12
Milford, NH

Re: Everything is crackable...

While what you say is true there is a world of difference between trying to protect mass produced media (impossible) and protecting messages between two parties (hard).

/tom
jca2050
Premium
join:2002-02-04
Lewisville, TX
·Verizon FIOS

WPA

WPA is still very secure if you have a complicated and long pass code. If you make your pass code something like ">SADFJL#()@!)OFKasfjksF2390SATf923()!%#%>", that's pretty much a guarantee that no one will crack it unless they have rainbow tables and a lot of time on their hands.

WPA has been crackable for a long time, it just requires you to deauth a client, capture the 4-way handshake when they reconnect and crack it with aircrack. If the pass code is something easy like "password" then you can run a standard dictionary attack on it and crack it in a matter of minutes. Although this method only works on WPA-PSK (pre-shared key) if I recall correctly, but just about every WPA protected AP I've seen uses WPA-PSK.

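The passphrase-strength point made in the posts above (the 63-character maximum and the weak "password" case), as an added example that is not part of the thread: WPA-PSK turns the passphrase into a 256-bit key with PBKDF2-HMAC-SHA1 salted by the SSID, so a precomputed table only applies to one network name, and a guessable passphrase stays guessable whatever cipher follows. The function names, the `COMMON` sample list and the 80-bit threshold are assumptions made for this illustration.

```python
import hashlib
import math
import secrets
import string

# Constructed sample of weak passphrases; a real audit would load a larger list.
COMMON = {"password", "12345678", "letmein123", "qwertyuiop"}
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols
MIN_BITS = 80  # assumed policy threshold, not a value from the thread


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK derivation: PBKDF2-HMAC-SHA1, 4096 iterations, SSID as salt."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


def keyspace_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Guessing work in bits; only meaningful if every character is random."""
    return length * math.log2(alphabet_size)


def random_passphrase(length: int = 63) -> str:
    """Generate a passphrase from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def audit(passphrase: str) -> str:
    """Classify a passphrase as 'invalid', 'dictionary', 'short' or 'ok'."""
    if not 8 <= len(passphrase) <= 63:
        return "invalid"
    if passphrase.lower() in COMMON:
        return "dictionary"
    if keyspace_bits(len(passphrase)) < MIN_BITS:
        return "short"
    return "ok"


if __name__ == "__main__":
    # Same passphrase, two SSIDs: the derived keys differ because the SSID is the salt.
    print(derive_pmk("password", "IEEE").hex())
    print(derive_pmk("password", "linksys").hex())
    new_key = random_passphrase()
    print(audit("password"), audit(new_key), round(keyspace_bits(len(new_key))))
```

A fully random 63-character passphrase carries more guessing work than the 256-bit key it is hashed into, so past roughly 40 random characters the derived key, not the passphrase, is the limit.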
zod5000

join:2003-10-21
Edmonton, AB
·TELUS
·TekSavvy Solutions..

WPA2 is fine.

I use WPA2-AES with a randomly generated longass password. I figure it'll be a few more years for someone to crack that.

I suppose though, because cpu/power continues to increase, the ease of brute force attacks gets easier. I guess they should start working on a WPA3.
KodiacZiller

join:2008-09-04
73368

Re: WPA2 is fine.

said by zod5000 See Profile :

I use WPA2-AES with a randomly generated longass password. I figure it'll be a few more years for someone to crack that.

I suppose though, because cpu/power continues to increase, the ease of brute force attacks gets easier. I guess they should start working on a WPA3.
Nah, a raw brute force on, say, 128 bit AES would take longer than the age of the universe (assuming a reasonably strong key). Then you have the Von Neumann-Landauer Limit to contend with. This principle says that it would take an inordinate amount of energy to do -- more than is available to anyone. Energy is a big problem with brute forcing large keys. There is simply no way around the 2nd law of thermodynamics (unless you want to take into account theoretical reversible computing).

This attack on TKIP appears to have been a result of a mathematical breakthrough (i.e. the researchers found an inherent weakness in the encryption cipher). Without these mathematical "breakthroughs" brute forcing is not feasible, not even with multiple supercomputers.

snipper_cr

join:2002-01-22
Wheaton, IL
clubs:

Re: WPA2 is fine.

Quite right. I don't have the article to support this, but I read that if you take the world's largest supercomputer, shrink it down to the size of a grain of sand, and then cover the earth it would still take millions of years to crack a full 128 bit AES... at least I think that's what it was. Either way, it is some incomprehensible number.
Interesting thought about Von Neumann-Landauer limit and the second law of thermo... although does that take into account super conducting computers?

If this ultimately leads to a break in TKIP, that would be slightly unnerving. A break of AES would be downright disastrous. I hate to see what would happen if AES could be broken...
--
The early bird catches the worm, but the second mouse gets the cheese.

tschmidt
Premium,MVM
join:2000-11-12
Milford, NH
·Verizon Online DSL
·Fairpoint Communic..

said by KodiacZiller See Profile :

This attack on TKIP appears to have been a result of a mathematical breakthrough (i.e. the researchers found an inherent weakness in the encryption cipher).
From my reading of the article this is an attack on key management not the AES cipher. Key management is much harder to do than developing a robust cipher. AES is probably good until Quantum computing is practical.

/tom
utahluge

join:2004-10-14
Draper, UT
·Comcast
·MSTAR



TKIP+AES

My DD-WRT supports "TKIP+AES". Does that essentially double my protection? I don't really know what that means.

Edit: Just found out. "TKIP+AES" is there for mixed environments. It will try AES first and if your node doesn't support it, it will try TKIP.
jimmytjams
Premium
join:2006-12-23
Buffalo, NY

IF you use MAC Address Filtering what is the effect?

If you enable MAC Address Filtering on a Westell Verizon wireless router D90-327W15-06, will this add enough protection in addition to a medium-strength WPA key to keep from being hacked into?

Thanks,

Joey

Dipsomaniac
Oh My, Yes.

join:2001-12-12
Toronto, ON

Re: IF you use MAC Address Filtering what is the effect?

MAC address filtering adds almost nothing in the way of security if someone is actually interested in getting into your network. Spoofing a MAC address is trivial.
--
Therapy is expensive. Bubble wrap is free.

DataRiker
Premium
join:2002-05-19
Metairie, LA
clubs:



Almost a crack

Users using long random passwords have no reason to switch to AES yet.

These types of articles are nothing but FUD. The actual cipher is not broken, but rather a faster way of testing likely keys was found, and given a complex key this is inconsequential.

I think many people here do not realize that even the WEP encryption scheme which was BADLY flawed could offer good protection with the correct key.

With the maximum length key at random using all possible characters it took an ENORMOUS amount of weak IV's. Not the 1 million or so most web examples showed with weak passwords but more like 20+ million weak IV's with a long random password, which was very unlikely on all but a few routers (new firmware made this very hard to reach by "packet injection").

In case anyone was wondering the statistical attack time went down as the weak iv count went up.

It would take an intruder months to collect that many weak IV's (depending on your browsing habits)

kyler13
Is your fiber grounded?

join:2006-12-12
Arnold, MD

Ultimate WPA security

The Actiontec router I have is an absolute bear when it comes to trying to initiate a connection with WPA (current firmware issue). It doesn't want to auto-connect and pretty much never will acknowledge the handshake on the first try, despite the key being correct. I have to sit here and refresh my connections window sometimes a couple dozen times before the handshake works and the connection is made. LOL, that little "feature" probably makes my WPA connection nearly bullet-proof.
I pos rep

join:2008-08-22



Not really any danger to users with some knowledge

This applies only to WPA to begin with. Who still uses that in 2008? Even my router with WPA2 AES is older than I can remember (at least a couple of years).

WPA with good long random keys should take quite a while before they even become worth the effort. Anyone standing outside my house in a car for a week is likely to be considered suspicious.

swhitney2003
I can't drive 55.
Premium
join:2003-06-13
NH
clubs:
·Skype
·Verizon Wireless B..
·Comcast

Re: Not really any danger to users with some knowledge

Not every user has knowledge, which is inevitable. Currently I live in an apartment complex, and I can see half a dozen routers open. The typical user doesn't configure a router, let alone know the difference between WEP, WPA, WPA2, TKIP, AES. So I'm sure there are plenty of people out there using WPA.

Titus Pullo
I came, I saw, I slept

join:2004-06-26
·Embarq

said by I pos rep See Profile :

This applies only to WPA to begin with. Who still uses that in 2008?
My Linksys wireless print server.
--
wispalord

join:2007-09-20
House Springs, MO

well...

Hence why you disable SSID, and use MAC address authentication on top of everything else.. and it helps, and maybe disable DHCP and use an oddball numbering structure.
beaups

join:2003-08-11
Hilliard, OH

Re: well...

SSID and MAC filtering is a joke. Disabling DHCP is just a mild additional hassle.

tschmidt
Premium,MVM
join:2000-11-12
Milford, NH
·Verizon Online DSL
·Fairpoint Communic..

Link from Slashdot

Here is more background on the attack:
»arstechnica.com/articles/paedia/···cked.ars

Slashdot link:
»it.slashdot.org/it/08/11/07/1312246.shtml

/tom

testing123

@comcast.net

Mac spoofing

If you're not on the network yet, how would you know which MAC to spoof?

ctceo
Premium
join:2001-04-26
South Bend, IN
clubs:
·AT&T U-Verse
·Comcast
·AT&T Midwest
·HughesNet Satellit..

No Surprise

You find a Lock, I'll get a pick. TKIP is no exception.

With near-on-the-fly decryption, government back-doors, decryption using more than one CPU, other devices & constant eavesdropping/espionage/spying, encryption has all but become a joke in most cases.

With the right hardware in place and know how, you can speed up that decryption time from 12 to 15 minutes to seconds. But in most cases where it is relevant, NotF Decryption has you beat anyway.