The Register® — Biting the hand that feeds IT

Comments on: Turbo-charged wireless hacks threaten networks

Stupid 

Posted Friday 10th October 2008 12:42 GMT

This is hardly a "crack" so much as a brute-force testing of common combinations of letters and numbers. Although this would work well against "password" and other short passwords, guessing the 64-hex-character WPA2 key that even the tiny, underfunded primary school I work at uses would be way, way beyond this software. You're still looking at 512 bits of random data - that's 2^512 combinations, which is roughly 10^154, which at a billion attempts a second would still take many times longer than the age of the universe (believed to be 13.73 billion years, or 10^10-ish) to get anywhere near guessing the password.

And there's nothing you can do about this. Of course not. It's like saying there's nothing you can do against terrorist A-bombing the entire world, killing everyone and then cutting the vault door to steal your gold. This is a bogus advertisement for a password guesser, not a dire hole in WPA2 and the article should be rewritten to reflect that.

The way the article was written, you would think they had found some super-duper hole in WPA2. In actual fact, they sit and try A, then B, then AB, etc. ad infinitum... Eventually, they will hit the password that was used. Of course they will. Although this will catch out only a few people, it won't compromise anything which is already supposedly secure. And it's not new. It's not powerful. It's not effective. It's not even sensible. Using similar, better and even this exact company's software, I've yet to recover a single (modern) Word doc or zip file that I've password protected with anything more powerful than "password" after leaving the computers running for MONTHS.

"Sensitive" networks. 

Posted Friday 10th October 2008 12:44 GMT

Alert

Why, in the name of the Dark Lord, would anyone operating a "sensitive" network have *any* wireless connectivity to it at all?

The easier it is to connect to, the easier it'll be to hack into, and vice versa.

Basic.

Common.

Sense.

Sensationalist scaremongering 

Posted Friday 10th October 2008 12:55 GMT

Thumb Down

This tool attacks WPA-PSK and WPA2-PSK (pre-shared key, or "Personal" mode in WPA-speak), which is most often used in home networks. Companies with WiFi deployments should use 802.1X authentication (called "Enterprise" mode in WPA-speak), e.g. with EAP-TLS, which is not vulnerable to this attack. Any wireless security professional with half a brain should know this.

Are these GSS people really so incompetent that they're not aware of this? Or are they just scaremongering to sell consulting services? And John Leyden, why don't you mention in the article that only pre-shared key/"Personal" mode is vulnerable to this attack?

So, you mentioned GSM 

Posted Friday 10th October 2008 12:58 GMT

> High performance FPGA (Field Programmable Gate Array) chips were applied to

> crack standard GSM transmissions in as little as 30 seconds

I wonder how fast the GPU solution would be able to do that?

Anyone tried using a PS3 for either? Strikes me that the Cell might be useful in that arena.

Error ........... 

Posted Friday 10th October 2008 13:24 GMT

Flame

Recovery times for keys are increased by a factor of 100? Doesn't seem worth it to me. Does anyone read these articles before posting them?

Great! 

Posted Friday 10th October 2008 13:24 GMT

Thumb Up

Give it 2 weeks for this to filter into parliament and I'll get arrested for having a dual-overclocked-SLIed "password cracking tool".

Impressive tech, though!

Ha ha! 

Posted Friday 10th October 2008 13:35 GMT

Switched mine off months ago, went back to wired.

Who uses wireless? 

Posted Friday 10th October 2008 13:36 GMT

Which "Financial Institutions" use wireless exactly? I've worked in the finance industry for years and there is a blanket ban on anything wireless. Even the Execs are banned from using wireless mice and keyboards. Who in their right mind uses a WiFi network?

Anyway, as stated above, brute-force attacks are only susceptible to systems administered by donkeys and, in those cases, you can probably obtain the password or entry to the network in much more convenient ways.

Sounds counterproductive 

Posted Friday 10th October 2008 13:38 GMT

Flame

"Recovery times for Wi-Fi keys are increased by a factor between 10 to 15 in the use of Elcomsoft Distributed Password Recovery..."

Oh dear... in that case, surely you'd be better off not using the Elcomsoft product, and "recovering" the keys 10 to 15 times quicker?

Gahhhh! 

Posted Friday 10th October 2008 14:16 GMT

Unhappy

Anyone tried using a PS3 for either? Strikes me that the Cell might be useful in that arena.

Dear BBC,

why oh why does someone ALWAYS have to mention the Cell processor when it comes to mentioning anything other than x86 chips....

The real question is... 

Posted Friday 10th October 2008 15:15 GMT

Alert

Where can we get a copy of the software?

FPGA vs GPU 

Posted Friday 10th October 2008 16:35 GMT

Re:

"> High performance FPGA (Field Programmable Gate Array) chips were applied to

> crack standard GSM transmissions in as little as 30 seconds

I wonder how fast the GPU solution would be able to do that?"

The FPGA solution should generally be quicker. Why? Because with that approach you're implementing your algorithm in digital electronics, whereas using the GPU approach you're running a software program, which ultimately runs on the electronics.

All things being equal, that is, if you can clock the FPGA implementation at the same speed as the GPU. But FPGAs are designed and fabricated in a different way to fully custom or semi-custom chips.

Shmoocon 

Posted Friday 10th October 2008 17:04 GMT

"Steve Mueller and David Hulton at Black Hat in Washington back in February."

Shmoocon 2008.

David's company, Pico Computing, produces FPGA gear that can be used for security analysis and is quite good at it.

Seriously?? and kudos @Lee 

Posted Friday 10th October 2008 18:01 GMT

Stop

'the software is specifically designed to support "passport recovery" on Wi-Fi networks running either WPA or the newer WPA2 encryption'

'ElcomSoft positions the tool as a means of auditing corporate Wi-Fi networks for inappropriately weak passwords'

So, which is it? Sounds to me like they're stretching it to quote "password recovery" as an option - who on earth has forgotten a WPA key and found no other way to retrieve it than brute-forcing it open with a graphics card?? The mind boggles - use wired to get back in and retrieve. "Oh look, I've locked myself out of my house... I see I've left another window open, however I'll shoulder barge the door instead". Not to mention the fact you're effectively proving it's pointless to put a password on there.

As for auditing a company's wireless network - you don't need to do it "faster" to prove a relatively weak password, they'll be one of the first found. Plus, why are wireless access points anywhere near a data critical network? Do what everyone else does, provide a separate t'internet line, whack on WPA for a tiny bit of protection and let VPN/SSH do the real work.

As Lee's pointed out as well, all they're doing is brute forcing. We know that it works, it's always worked, it just takes a really really long time. Now it takes a really long time instead (100x faster? So it's just 10m years now compared to 1bn - awesome)

</rant> Hmm, this week has obviously been more stressful than I thought. Deep calming breath and off to the pub

@Seriously?? and kudos @Lee 

Posted Friday 10th October 2008 18:40 GMT

> As Lee's pointed out as well, all they're doing is brute forcing. We know that it works, it's always worked, it just takes a really really long time. Now it takes a really long time instead (100x faster? So it's just 10m years now compared to 1bn - awesome)

And the performance of graphics hardware is increasing how many times a year? How long until someone finds a flaw in WPA that seriously reduces the number of keys you need to brute force? No one ever said this wasn't a "bruteforce" attack; the interesting thing is that they have used commonplace and, more importantly, cheap hardware to increase the speed at which they can do the attack by a good margin.

If Lee knew anything about WPA he would have suggested that people don't use common SSIDs for their WPA protected networks, as some pretty large rainbow tables already exist for common ones like linksys...

coWPAatty anyone? 

Posted Friday 10th October 2008 19:17 GMT

Jobs Halo

that is the open-source/blackhat approach to WPA crack by using many FPGAs, and their idea wasn't to brute force WPA in realtime - but generate the 'rainbow hash' for the first 1000 common SSIDs, hence giving just a few seconds look up time. The months of brute force computation is done by precomputing beforehand - you just need somehow to persuade your eeeLaptot to accept a couple of terabyte HDDs containing reverse hash tables to do your warlaptotting.

I think we have to find out what the first thousand common SSIDs are, then all use no. 1001, that will solve this minor security hole!??
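To make concrete why the SSID matters for precomputed tables (the point the two comments above make about default SSIDs like "linksys"), here is an added Python example that is not part of the thread or of any tool mentioned in it. The derivation is the published IEEE 802.11i one (PBKDF2-HMAC-SHA1 over the passphrase, salted with the SSID, 4096 rounds); the SSIDs, passphrases and wordlist are constructed sample values.

```python
import hashlib

# Added example (not from the thread): how WPA/WPA2-Personal turns a
# passphrase into the 256-bit Pairwise Master Key (PMK), and why a table
# precomputed for one SSID is useless against any other SSID.
# PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes),
# as specified in IEEE 802.11i. All SSIDs/passphrases below are constructed.

ITERATIONS = 4096
PMK_LEN = 32


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the PMK exactly as an access point or client does."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), ITERATIONS, PMK_LEN)


def precompute_table(ssid: str, candidates: list) -> dict:
    """One-off cost per SSID: 4096 HMAC-SHA1 rounds per candidate, stored PMK -> passphrase."""
    return {wpa_pmk(p, ssid): p for p in candidates}


def table_hit(table: dict, ssid_in_use: str, real_passphrase: str):
    """Simulate a lookup against a network that really uses `real_passphrase`.
    Returns the matching passphrase, or None when the table cannot help for this SSID."""
    observed_pmk = wpa_pmk(real_passphrase, ssid_in_use)  # the value the 4-way handshake commits to
    return table.get(observed_pmk)


def demo() -> tuple:
    # Constructed "common passphrases" list; a real table would hold millions of entries.
    wordlist = ["password", "letmein", "sunshine1", "ThisIsAPassword"]
    common_table = precompute_table("linksys", wordlist)  # built for a default SSID

    # Weak passphrase on a default SSID: the precomputed table answers instantly.
    default_ssid_result = table_hit(common_table, "linksys", "sunshine1")

    # Same weak passphrase on a unique SSID: the salt differs, so every PMK differs and
    # the table misses. The remaining cost is 4096 rounds per guess, which is exactly the
    # work the GPU tool in the article speeds up; only a strong passphrase removes it.
    unique_ssid_result = table_hit(common_table, "kitchen-ap-7f3c", "sunshine1")
    return default_ssid_result, unique_ssid_result


if __name__ == "__main__":
    print(demo())
```

The take-away for a defender: a non-default SSID defeats precomputed tables, but it does not slow per-guess brute force, so passphrase length and randomness remain the real control for PSK networks.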

Already open-sourced... 

Posted Saturday 11th October 2008 16:53 GMT

There is an open-source project at http://pyrit.googlecode.com for just that, for about a month now...

Also notice that this story is posted under the "advertise" section of scmagazineuk.com ...

Already open-sourced 

Posted Sunday 12th October 2008 00:18 GMT

Linux

See http://pyrit.googlecode.com

not 'WPA/WPA2' but the PSK versions 

Posted Sunday 12th October 2008 20:33 GMT

Go

hi,

As already mentioned, this is for the noddy 'better than WEP' version of WPA - aka WPA-PSK, where a single passkey is used to get onto the WiFi network - as supported by all modern access points and devices such as PSP, Xbox360, PS3, modern laptops with Windows, OSX, Linux etc.

However, this brute-force is no good against WPA-Enterprise - which uses RADIUS authentication... eg EAP-TLS or EAP/PEAP, EAP/TTLS etc. With this method a server certificate proves the correct RADIUS authentication server (ie a secure and signed way of validation) and, in the case of PEAP, using MSCHAPv2 inside a protected tunnel, only a challenge/response is used - so no passwords cross the wifi anyway.

ANY real site would be using WPA-Enterprise - at this level, the WiFi ends up being more secure and audited than the wired network.

This much power? 

Posted Monday 13th October 2008 06:28 GMT

Paris Hilton

It's amazing that many of us have so much unused computer power. However, if you knock a couple of noughts off a number with 20 noughts on it you have not made much difference.

The real problem with security is like the person who has learnt kung fu and says "Hit me, go on hit me, I will block you". So you hit them: "Ow, that hurt, you weren't supposed to hit me like that".

Passwords are not random. They are the pet's name or the girlfriend.

Paris could be the girlfriend.

Waste of time if you ask me 

Posted Monday 13th October 2008 12:43 GMT

Paris Hilton

95% of WiFi networks can be hacked using the following process:

Access Server address

Username: admin

Password: admin

Nuff said

Paris because only she is easier to enter

Finally 

Posted Monday 13th October 2008 15:12 GMT

Thumb Up

Now there's a reason to get tri-SLI GTX280s!

If WPA-Enterprise actually worked 

Posted Monday 13th October 2008 15:42 GMT

Coat

More companies might use it. As it stands, for the majority of corporations, doesn't PSK + a VPN work a whole lot better?

re: Iain 

Posted Tuesday 14th October 2008 08:26 GMT

Well yes that would indeed work as long as you already have internal access to the network... but then why would you want to hack it if you are already on it.
