Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Researchers Outline How to Crack WPA2 Security

Cracking WPA2 Wireless Security

Securing wireless local area networks can be a tricky business, and a group of researchers have highlighted just how much.

Cracking WPA2 Wireless Security

Securing wireless local area networks can be a tricky business, and a group of researchers have highlighted just how much.

Published in the International Journal of Information and Computer Security, the research outlines how the Wi-Fi Protected Access 2 (WPA2) protocol can be potentially exposed using deauthentication and brute force attacks.

“Thus far, WPA2 is considered to be amongst the most secure protocols,” according to the researchers’ paper. “However it has several security vulnerabilities. Until now there has not been a complete and fully successful methodology capable of exposing the WPA2 security. This paper provides a novel way of successfully exposing WPA2 security issues by using a complete dictionary that generates all the possible printable ASCII characters of all possible lengths.”

The research was performed by Achilleas Tsitroulis of Brunel University in the UK; Dimitris Lampoudis of the University of Macedonia in Greece; and Emmanuel Tsekleves of Lancaster University, UK. According to the researchers, the 802.11i deauthentication process presents a flaw. During the process, clients are forced to reconnect and re-authenticate to the correspondent access point, resulting in the capture of an instance of the pre-shared key. In the case of WPA/WPA2, the four-way authentication handshake is revealed. 

To prove their point, the researchers analyzed 10 different scenarios, with the main difference between them being the password.

“At the beginning, the area was scanned-sniffed with ‘Airodump’ and then a deauthentication attack was made with ‘Aireplay’,” according to the paper. “Through that, an instance of the PSK was caught. Finally, ‘Aircrack’ was attempting to reveal the secret password by using the instance of the PSK and matching it with every record of the dictionary. For these experiments we used a very big dictionary that consisted of 666,696 standard printable ASCII character records of various lengths. ‘Airodump’ and ‘Aireplay’ are commands of the ‘Aircrack’ suite, responsible for sniffing and deauthentication respectively.”

In all but one of the cases, the key was easily found, the researchers stated.

“The biggest advantage of WPA/WPA2 security protocols is security reliance on dictionary pluralism in words,” the researchers continued, adding that while it is very difficult to expose the WPA/WPA2 security protocol, it is not impossible. “Even though, a considerable amount of time would be required. In order to accomplish that, in a relatively short period of time, the adversary should have a FPGA (instead of a computer), performing the whole procedure.”

Advertisement. Scroll to continue reading.

The best way to protect an 802.11i network is through the use of WPA2 in combination with MAC filtering, the researchers recommend. In addition, changing the encryption key periodically can increase the level of difficulty for attackers. The more complex the password, the more the difficulty will rise as well.

“Firstly, network security can be increased by firstly hiding the SSID, so that the procedure of gathering information regarding the network becomes more difficult,” the researchers added. “Furthermore, in some APs the Telnet/SSH services are enabled by default. It is advisable to disabling those services in order to protect unauthorised network access, by providing password checks. Not following the above actions, increases the risk of unauthorised network access that can lead to various malicious actions, such as having the AP reconfigured by the adversary.”

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor.

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

Asus patched nine WiFi router security defects, including a highly critical 2018 vulnerability that exposes users to code execution attacks.