Author Topic: 100-fold WPA/WPA2 bruteforce speed increase  (Read 12803 times)

f0dder

100-fold WPA/WPA2 bruteforce speed increase
« on: October 13, 2008, 04:38 PM »
I pondered a bit whether I should post this or not, since it'll undoubtedly be part of Ehtyar's tech news weekly. But I figured it's interesting enough to stand out on its own... this says something about the massive power today's generally programmable GPUs have for very specific parallelizable operations - almost to the point of making small-scale in-your-own-basement supercomputers affordable.

Russian researchers achieve 100-fold increase in WPA2 cracking speed: [image: brutalgpu.png]

EDIT: added hyperlink to image, for those too lazy to google for keywords ;P
- carpe noctem
« Last Edit: October 13, 2008, 04:41 PM by f0dder »

wreckedcarzz

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 1,626
    • View Profile
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #1 on: October 13, 2008, 06:46 PM »
Great, more problems for Wi-Fi owners.

That goes both ways with me; I have Wi-Fi I manage at home, but at the same time, I want into my school's Wi-Fi. Good vs evil. Too bad I can't afford 2 GX2's in SLI.

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,747
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #2 on: October 13, 2008, 06:50 PM »
That's both cool and scary at the same time.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #3 on: October 13, 2008, 07:13 PM »
> Great, more problems for Wi-Fi owners.
>
> That goes both ways with me; I have Wi-Fi I manage at home, but at the same time, I want into my school's Wi-Fi. Good vs evil. Too bad I can't afford 2 GX2's in SLI.

Notice that you need "a couple" of rigs with those cards, not just a single SLI machine, if you want to take brute-forcing down to a few days worth of time. But it's still a lot more affordable than custom hardware or supercomputers, which is the point :)

I think that the article price of "€599 for a network of 20" is way off - you might be able to put together a single box for that kind of cash if you find the right deals, though :) (€599 ~ $810).
- carpe noctem

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,747
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #4 on: October 13, 2008, 07:16 PM »
> I think that the article price of "€599 for a network of 20" is way off - you might be able to put together a single box for that kind of cash if you find the right deals, though :) (€599 ~ $810).

Yeah I was wondering about that. Maybe it meant it cost that much for each system.

jgpaiva

  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 4,727
    • View Profile
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #5 on: October 13, 2008, 07:42 PM »
Interesting.. Thanks for the heads-up, f0dder!  :Thmbsup:

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #6 on: October 14, 2008, 01:47 AM »
Thanks for the plug f0d man :) I would never discourage people from posting news items they consider important. Last week's news contained an article that Carol had already posted. I just direct people to the original thread in hopes of directing people's attention to the location where discussion is already going on.
In response to your post... I know everyone says this, but I KNEW this was going to happen. I finally relent, after years of resisting wireless, and now that I finally give in (my dad wouldn't shut up), with my 32 character password and my WPA2, this crops up. Wireless routers are becoming obsolete faster than USB keys, guess there's no point buying that draft-n now, I'll have to replace it in 6 months to stay secure anyway :(
(Yeah I'm paranoid, what're you gonna do about it :P)

Ehtyar.

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,857
    • View Profile
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #7 on: October 14, 2008, 10:08 AM »
> In response to your post... I know everyone says this, but I KNEW this was going to happen. I finally relent, after years of resisting wireless, and now that I finally give in (my dad wouldn't shut up), with my 32 character password and my WPA2, this crops up. Wireless routers are becoming obsolete faster than USB keys, guess there's no point buying that draft-n now, I'll have to replace it in 6 months to stay secure anyway

I don't think it's really the fault of the router. Most people don't effectively use all the security features in the routers they already own. And weak passwords, which most people use, will break any security system no matter how good the technology is.

Your router is also firmware based so it should be easily upgradeable to new security standards as long as the manufacturer chooses to provide updates for the model you own.

You should still be able to get a high degree of security on many WAPs by taking advantage of the VPN feature found in most. If your router doesn't support VPN you may be able to install 3rd party firmware that can add that feature.

Take a look at DD-WRT as a starting point. It will give you some ideas of what's out there. Take a look at the Wikipedia article since it's easier to follow than the original website. Also take a look at what it has to say about OpenVPN and Chillispot in the features subsection. You can use that to jumpstart your understanding of network security offerings.

http://en.wikipedia.org/wiki/Dd-wrt

Maybe we can't stop the baddies. But at least we can keep them working nights and weekends. 8)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #8 on: October 14, 2008, 11:28 AM »
Ehtyar: of course it was going to happen, and it isn't surprising it's done harnessing the power of GPUs - those are pretty darn mean parallel number-crunching machines. The article does seem to hint that you'd need 20 machines at ~$800 each to bring bruteforcing down to "days or weeks" - so I really wouldn't be worried about home networks anytime soon ;)

As for VPN, I haven't seen home routers/access points directly support that - well, VPN passthrough sure, but then you need VPN infrastructure support by some other device. How much work is it to set up OpenVPN? And then you need a proper VPN client as well, which can be a mess (Cisco's client *sucks donkey* - the Microsoft client built into Windows works like a charm, but is insecure).
- carpe noctem

Mark0

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 652
    • View Profile
    • Mark's home
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #9 on: October 15, 2008, 08:20 AM »
With a long password (as it was always recommended) even a 100-fold increase doesn't make much of a difference.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: 100-fold WPA/WPA2 bruteforce speed increase
« Reply #10 on: October 15, 2008, 06:22 PM »
How long would it normally take to bruteforce a longish WPA2 password? If we say 10 years (could be more, could be less - I heard it helps at least against WPA to sniff a bunch of packets), that would still be reduced to about a month of bruteforcing, which might be good enough.

Of course a 100-fold increase in an exhaustive bruteforce against a 256-bit AES key doesn't help much, but then again that's not what you're brute-forcing with WPA/WPA2, is it?
- carpe noctem
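
Added example, not part of the original thread or written by any of its posters: in WPA/WPA2-PSK the 256-bit pairwise master key is derived from the passphrase with PBKDF2-HMAC-SHA1 (4096 iterations, SSID as salt), so the search space is the passphrase, and this sketch shows how many random characters cancel a 100-fold speedup. The SSID, passphrase and guess rate below are constructed values chosen for illustration.

```python
import hashlib
import math

PBKDF2_ITERATIONS = 4096  # fixed by the WPA/WPA2-PSK key derivation
PMK_BITS = 256            # size of the derived pairwise master key
SECONDS_PER_YEAR = 365.25 * 86400

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA/WPA2 passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(),
                               PBKDF2_ITERATIONS, PMK_BITS // 8)

def effective_bits(length: int, alphabet: int) -> float:
    """Search-space size in bits for a uniformly random passphrase.
    Capped at 256: beyond that, guessing the PMK itself is no harder."""
    return min(length * math.log2(alphabet), PMK_BITS)

def years_to_exhaust(length: int, alphabet: int, guesses_per_sec: float) -> float:
    """Time to try every passphrase of this length at the given rate."""
    return alphabet ** length / guesses_per_sec / SECONDS_PER_YEAR

def chars_to_offset(speedup: int, alphabet: int) -> int:
    """Smallest number of extra random characters that cancels a speedup."""
    extra = 0
    while alphabet ** extra < speedup:
        extra += 1
    return extra

if __name__ == "__main__":
    BASE_RATE = 1_000.0  # constructed guesses/second, for illustration only
    pmk = derive_pmk("constructed-passphrase", "ExampleNet")  # constructed inputs
    print("PMK:", pmk.hex())
    for length in (8, 12, 16, 32):
        slow = years_to_exhaust(length, 95, BASE_RATE)
        fast = years_to_exhaust(length, 95, BASE_RATE * 100)
        print(f"{length:2d} chars: {effective_bits(length, 95):6.1f} bits, "
              f"{slow:.2e} years -> {fast:.2e} years at 100x")
    print("extra chars to cancel 100x:", chars_to_offset(100, 95))
```

The figures assume uniformly random characters from the 95 printable ASCII symbols; dictionary words and human-chosen phrases carry far fewer bits than their length suggests.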