WPA2 Personal Cracked, Russian Company Claims

Posted October 13th, 2008 at 1:01 AM by Anti-Trend

The Russian based security firm ElcomSoft is claiming to be able to crack WPA2 Personal wireless authentication security in a matter of weeks rather than years. According to their press release, they’ve employed purpose-written software which is powered with a backend of clustered, commodity-grade NVIDIA GPUs.

This all sounds rather alarming at face value. But how effective would their methods be in real-life application? Read on for my dissection of this development.

WPA2 Finally Cracked?

Technically, ElcomSoft isn’t claiming to have cracked WPA2 per se, but rather to have drastically accelerated the processes of cracking the password. This is done using good old brute force methodology, i.e. guessing the password very rapidly. In the press release, ElcomSoft claims to achieve up to 100x the brute force capabilities of classic CPU-based attacks by employing GPUs instead:

Moscow, Russia (PRWEB) October 9, 2008 — ElcomSoft Co. Ltd. accelerates the recovery of WPA and WPA2 encryption used in the Wi-Fi protocol by employing the new-generation NVIDIA video cards. ElcomSoft patent-pending GPU acceleration technology implemented in Elcomsoft Distributed Password Recovery allows using laptop, desktop or server computers equipped with supported NVIDIA video cards to break Wi-Fi encryption up to 100 times faster than by using CPU only.

High-end GPUs have already proven their effectiveness in mathematically complex physics simulations, so it should come as no great surprise that this technology might be leveraged in brute force password cracking operations. Still, based on the information one can glean from their somewhat vague press release, there are some serious questions the security community should be asking.

Who is the target of such an attack?

One would assume that the most desirable target of such an approach would be banks, corporations and other institutions where data security is of significance. However, the PSK security model of WPA/2 Personal is not very practical for larger or security-conscious organizations, since that means effectively handing out one password for all users. As such, I would expect WPA2 Enterprise to have a greater foothold in such circles, since authentication is centralized and handled on a per-user basis. Incidentally, WPA2 Enterprise is not vulnerable to this particular brute-force methodology at all.

What About Proximity?

How close must this GPU cluster be to the target in order to be effective? Must they be within range of the victim wireless network, or can a proxy system (e.g. a laptop) be within range, while the cluster hums in a remote data center somewhere? In the former case, an attacker must still have said laptop within range of the wireless network for at least a few weeks while the brute force works its magic. In the latter, I’m imagining a van with a noisy diesel generator, parked in the back alley behind a corporation for 2 weeks… and that probably wouldn’t be logistically feasible in most cases. Otherwise it would be down to attacking from a neighboring building, which leaves the attacker somewhat vulnerable to local law enforcement should the attack be detected.

Was The Victim Hardware Taken Into Account?

Since we’ve already established that the most likely spot to find networks using WPA/WPA2 Personal is in small or home offices and not more desirable targets, what kind of hardware are we likely to see in such a case? Consumer grade hardware which is typical of SOHO application typically has between 4-64mb of onboard memory and a 100-300MHz central processor. How many simultaneous connections would such hardware handle before becoming unreachable by the attacker? My guess would be less than 1000… probably far less on most hardware (250? 100? 50?). Still, for the sake of argument, let’s assume the prospective victim’s access point can handle 5,000 simultaneous WPA2 attempts, and is secured with a meager 8-character password that utilizes only lowercase characters and a few digits. In such a scenario, it would take approximately 19 years at a sustained rate of 5,000 attempts per second.

Summary:

This WPA2 crack doesn’t seem to be feasible in the overwhelming majority of situations. An attacker is supposed to:

  • posses multi-thousand-dollar software (granted, this can potentially be pirated),
  • a networked cluster with plenty of relatively high-end NVIDIA video cards,
  • be able to physically position themselves in such a way as to actually perpetrate the attack.

Additionally, the victim network must:

  • posses facilities which lend themselves to a rather conspicuous multi-week brute force episode
  • have extremely high-end wireless hardware capable of handling much higher than average connections per second,
  • forgo WPA2 Enterprise for the less scalable WPA2 Personal,
  • utilize a ridiculously weak PSK with far under the 63-character max password limit,
  • neglect to log failed WPA2 authentication attempts or use any wireless IDS tools of any kind,
  • have something worth attacking inside the target WPA2 network (e.g. not a bare-bones DMZ that’s separated from the internal network by firewalls).

Conclusion:

While I would expect the GPU-based brute force technology may hold some merit for non-wireless password cracking, the suggested WPA2 application seems an attention grab at best and snake oil at worst. Now, I’m perfectly willing to admit that ElcomSoft might possibly have some very substantial improvements over the standard brute force methodology they’ve mentioned in their press release. If that is so, hopefully they will release a more detailed whitepaper on how their technology works; some real-world figures that are readily reproducible would be nice too. But unless this comes to pass, I think we can conclude that this press release is clearly more sales pitch than zero day.

Comments

2 Responses to “WPA2 Personal Cracked, Russian Company Claims”

  1. Neut on January 24th, 2009 7:12 AM

    “Was The Victim Hardware Taken Into Account?” and below in your article is mostly wrong.

    You didn’t research this properly because they are not bruteforcing ON wireless access point, they just capture the 4-way handshake, they then bring back this little piece of data to their lab and they crack it there.

    That being say there is no need for “many simultaneous connections”, just one wireless card and a client already connected to the WAP, you deauth him and catch the 4-way WPA handshake.

    Easy as pie.

    As for the hardware it wouldn’t cost that much, a lab of around 20k could crack pretty much anything in a matter of days.

  2. Sauce on December 26th, 2009 6:30 AM

    lol yeah, they claim all this bullshit, and nothing else is said beyond this page. Dumbass’s :-)

Got something to say? (Login or Register)





XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>