Comments on: A majority of wireless access points in New York City are completely insecure

By: Don

Don — Tue, 25 Nov 2008 22:57:40 +0000

I am glad that WPA is so safe. Although, I have heard this defensive argument before.

I hope this proof of WPA safety is better than the one used by DES to prove that the computer needed to crack it would be so large, that it would form a black hole under its own gravitational weight. That defensive argument did not work out so well. Sun Microsystems broke DES with a compute stack of 8 systems. A far cry from a black hole size super computer.

Lately, it has been reported, http://wifinetnews.com/archives/002452.html, there is an advance in WPA cracking. WPA2 was less vulnerable that static password implementations.

So the real risk boils down to whether a mathematical advantaged effort is possible, similar to the one that impacted MD5 hashing security; an approximation technique allowed for the elimination of huge possibilities to make the final cracking effort much faster.

For me, I think that planning the next generation replacement for WPA might be worth considering. The present residual strength of WPA2 would give us time to finish the development of a better method before over confidence leaves us vulnerable again.

Also, the use of IPSEC or VPN inside wireless WPA or even WEP are generally practical solutions that hold up to significant wireless abuse in test networks.

Still, it is nice to know that WPA does have some depth still to its credit. This is a good thing for networks that have less intense needs for data security.

Best Wishes

Don Turnblade
CISSP

By: CoolProducts

CoolProducts — Wed, 29 Oct 2008 16:19:32 +0000

That number is surprisingly high. I live in a rural area and it seems like almost 90plus percent of wireless connections around me are secured by a password. You would think that in a place like NYC people would be more conscientious about their internet safety.

By: Bryan T. Siders

Bryan T. Siders — Tue, 28 Oct 2008 23:37:48 +0000

“Note that WPA can also be cracked, but that requires a little more effort (though just barely—this stuff moves fast, as you can imagine.)”

WPA encryption has not been cracked. The only way to hack in to a WPA-secured AP is to brute-force the password. If the password is long enough (it allows up to 63 characters), the amount of time it takes to brute-force the password is way longer than any of us are going to be alive, even with super computers and fancy graphics cards and password dictionaries. WEP, on the other hand, can be cracked in a few minutes no matter what the password is. So, sure, WPA passwords can be cracked, as long as the password is short or a dictionary word.

Steve at McKeay.net said it best:

http://www.mckeay.net/2008/10/10/brute-force-attacks-against-wpawpa2-using-nvidia-cards/#comment-3565

“Theory:
63 characters using lower case, upper case,numbers,symbols, provides 94 choices for each character. if I use a 63 character password, that 63 character password could be one of 1.9 * 10 ^126 possible choices. If you want to have a 100% chance of brute forcing this key in one year one would still need to execute 6*10^118 trys a second.

Implementation:
It would be faster to attack the 256 bit hash as this only has 1.1*10^77 permutations. So if one could issue 3.6 *10^69 commands per second one could guarantee a break in one year. Lets assume that it takes 10 flops (floating point operations) to test one key. As of August SETI@HOME is executing an average of 150 terra-flops (150*10^12). Therefore one would still need ~ 2.5 *10^56 SETI@HOME projects to break one key in one year.
The most efficient computer uses 2.8 watts per GFLOP. Therefore it would take 2.5*10^59 watts to break one key. Since the average usages of power for all people on the planet is 15 TW we would need 1.5*10^46 times the current power output of the planet to break one key.

I think my key is safe.”