WPA encryption, what are your opinions on this?

Originally posted by paulmofyourhand
http://kbserver.netgear.com/kb_web_files/n101190.asp

I stumbled upon this while checking out some wifi routers.

-paulm

WPA has weaknesses similar to those in WEP.

Preshared keys (the manner in which almost every consumer deployment will be implemented) are vulnerable to dictionary attacks. The PSK->PMK algorithm is well-known and static, and the PSK is obtainable to anyone who asks for it, making cracking WPA trivial, because with the PSK and the algorithm, you can generate the PTK and from there, brute-force the password. It's almost easier than the ISV vulnerability in WEP. In fact, it IS easier, because you don't need several gigs of observed traffic to crack it.
 
Originally posted by NetJunkie
Wouldn't the suggestion be to use a good, non-dictionary, password?

"Dictionary" in this context doesn't necessarily mean "contents of a book by that name".

Dictionary attacks these days use sophisticated bigram and trigram algorithms, as well as substitution, numeric, and spatial algorithms to brute-force passwords.

Only passwords with an extremely high entropy (i.e., truly random) stand fast against today's dictionary attacks.

How many people do you know that use truly random passwords?
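
Added example, not part of the thread or any poster's code: the fixed passphrase-to-PMK mapping discussed above is PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 iterations and a 256-bit output, so the passphrase is the only secret input. The sketch derives a PMK, generates a uniformly random passphrase, and estimates exhaustive-search time; the function names and the guess rate are assumptions chosen for illustration.

```python
import hashlib
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # 62 symbols


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """IEEE 802.11i passphrase mapping: PBKDF2-HMAC-SHA1, salt=SSID, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32)


def random_passphrase(length: int = 20) -> str:
    """Draw each character uniformly from ALPHABET using the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a passphrase whose characters are chosen uniformly at random."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Time to try every candidate in a 2**bits keyspace at the given rate."""
    return 2.0 ** bits / guesses_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    # Published 802.11i test vector: passphrase "password", SSID "IEEE".
    print(wpa_pmk("password", "IEEE").hex())
    rate = 1e5  # ASSUMPTION: PMK guesses per second, chosen only for illustration
    for label, bits in [("8 lowercase letters", entropy_bits(8, 26)),
                        ("20 random alphanumerics", entropy_bits(20, len(ALPHABET)))]:
        print(f"{label}: {bits:.1f} bits, {years_to_exhaust(bits, rate):.3g} years")
    print("example passphrase:", random_passphrase())
```

The entropy figures hold only for characters picked uniformly at random; a human-chosen passphrase of the same length carries far less.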
 
Originally posted by skritch

How many people do you know that use truly random passwords?

Thanks for the remote BTW. Forgot to email you back. :)

But couldn't the same be said about WEP? You can dictionary that, it just isn't worth the work usually. A good password on WPA gets converted to a good key which is still going to take a very long time. I see what the concern is, I just don't see it as a huge threat. If it's worse than I can see I'll just move to RADIUS auth.

I just moved my house to WPA. I did it for security since I have a connection to work and I'm afraid I have neighbors with too much free time.
 
Originally posted by NetJunkie
Thanks for the remote BTW. Forgot to email you back. :)

Glad you're enjoying it! :)



But couldn't the same be said about WEP? You can dictionary that, it just isn't worth the work usually. A good password on WPA gets converted to a good key which is still going to take a very long time.

Yes, but the difference is: Cracking WEP requires the collection of about 5GB of raw wireless traffic, and then brute-forcing the key. Cracking WPA requires a single packet. The former can take days or weeks, depending on how many computers are using that access point, and how frequently they connect and disconnect (and thus, how fast the ISV cycles). The latter can be done in an hour or two.
 
OK, while all of these files (WEP's 5GB thing, or the single WPA packet) are being forced onto my access point, is there any way for me to know that this is happening?

-paulm
 
Originally posted by paulmofyourhand
OK, while all of these files (WEP's 5GB thing, or the single WPA packet) are being forced onto my access point, is there any way for me to know that this is happening?

-paulm

WEP cracking: Not until it's happened.
WPA cracking: You can watch for the query packet to obtain the PSK. However, though the PSK is necessary for that attack, not all PSK queries are attack-related. So, practically speaking, you still wouldn't know until it's happened.
 
Originally posted by skritch
Glad you're enjoying it! :)



Yes, but the difference is: Cracking WEP requires the collection of about 5GB of raw wireless traffic, and then brute-forcing the key. Cracking WPA requires a single packet. The former can take days or weeks, depending on how many computers are using that access point, and how frequently they connect and disconnect (and thus, how fast the ISV cycles). The latter can be done in an hour or two.

But are you assuming a weak passphrase in your 2-hour estimate? What about a "good" passphrase/key?

Or is the problem that the PSK algorithm is known and fast and you can use that with a brute force very quickly? The things I read said that a weak key is well...weak, but a good key is good.

BTW: Know any WPA auditing tools?
 
What's your opinion on certificate-based WPA using FreeRADIUS? It's not TOO hard to set up if you know what you're doing, but it's not worth the effort if it's just as easy to crack.
 