Wifi Protected Access Cracking

  • Home
  • WPA Overview
  • WPA Fixes

Links

  • wifi protected access pre-shared key hacking
  • certified ethical hacker course
  • Certified Penetration Testing Specialist CPTS Training
  • Dtidata data recovery training class
  • pc3000 data recovery tool training
  • data recovery platter swap tool training
  • cPSI Security Awareness Training
  • Security Policy and Awareness Solutions for PCI-DSS
  • Clientside Attack - Remote Exploit
  • PowerPoint Exploit
  • PDF exploit
  • iPhone exploit
  • live memory forensics training
  • live memory forensics training
  • live memory forensics software training

 Cracking Wi-Fi Protected Access

WPA Overview

Since the turn of the century, wireless networking has grown from a very exclusive tech toy into a full-blown phenomenon. For less than $50, anyone who can plug in a toaster can essentially set up a wireless local area network (WLAN). The problem with this plug-and-play generation of users is that very few understand how their data is sent through the air, much less comprehend the associated risks. Even as I write this, an estimated 40–50% of all wireless users are not implementing any form of protection. On the bright side, this percentage is falling, albeit very slowly.

The security problem is exacerbated by the fact that early attempts at encryption were flawed. Wired Equivalent Privacy (WEP) was found to be vulnerable to various statistical weaknesses in the encryption algorithm it employed to scramble data passed over the WLAN. While attempts were made to correct the problem, it's still a relatively simple feat to crack WEP and essentially pull the password right out of the air. In addition, WEP suffers from other problems that make it unacceptable for use in any secure environment.

The wireless community knew early on that these problems existed. However, they also realized that it would take years until the standardized correction was designed and implemented into new hardware. In the meantime, millions of users needed reliable protection. The Wi-Fi Alliance stepped up to the challenge and created an interim "standard" called Wi-Fi Protected Access (WPA).

WPA did an excellent job of patching the problems in WEP. With only a software upgrade, it corrected almost every security problem either created or ignored by WEP. However, WPA also created new problems:

  • One flaw allowed an attacker to cause a denial-of-service attack, if the attacker could bypass several other layers of protection.
  • A second flaw exists in the method with which WPA initializes its encryption scheme. Consequently, it's actually easier to crack WPA than it is to crack WEP. This flaw is the subject of this article.
. WPA Options | Next Section

Copyright © 2009 Wifi Protected Access Cracking, Inc. All rights reserved.

Xhtml | Css