Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Researchers Outline How to Crack WPA2 Security

Cracking WPA2 Wireless Security

Securing wireless local area networks can be a tricky business, and a group of researchers have highlighted just how much.

Cracking WPA2 Wireless Security

Securing wireless local area networks can be a tricky business, and a group of researchers have highlighted just how much.

Published in the International Journal of Information and Computer Security, the research outlines how the Wi-Fi Protected Access 2 (WPA2) protocol can be potentially exposed using deauthentication and brute force attacks.

“Thus far, WPA2 is considered to be amongst the most secure protocols,” according to the researchers’ paper. “However it has several security vulnerabilities. Until now there has not been a complete and fully successful methodology capable of exposing the WPA2 security. This paper provides a novel way of successfully exposing WPA2 security issues by using a complete dictionary that generates all the possible printable ASCII characters of all possible lengths.”

The research was performed by Achilleas Tsitroulis of Brunel University in the UK; Dimitris Lampoudis of the University of Macedonia in Greece; and Emmanuel Tsekleves of Lancaster University, UK. According to the researchers, the 802.11i deauthentication process presents a flaw. During the process, clients are forced to reconnect and re-authenticate to the correspondent access point, resulting in the capture of an instance of the pre-shared key. In the case of WPA/WPA2, the four-way authentication handshake is revealed. 

To prove their point, the researchers analyzed 10 different scenarios, with the main difference between them being the password.

“At the beginning, the area was scanned-sniffed with ‘Airodump’ and then a deauthentication attack was made with ‘Aireplay’,” according to the paper. “Through that, an instance of the PSK was caught. Finally, ‘Aircrack’ was attempting to reveal the secret password by using the instance of the PSK and matching it with every record of the dictionary. For these experiments we used a very big dictionary that consisted of 666,696 standard printable ASCII character records of various lengths. ‘Airodump’ and ‘Aireplay’ are commands of the ‘Aircrack’ suite, responsible for sniffing and deauthentication respectively.”

In all but one of the cases, the key was easily found, the researchers stated.

“The biggest advantage of WPA/WPA2 security protocols is security reliance on dictionary pluralism in words,” the researchers continued, adding that while it is very difficult to expose the WPA/WPA2 security protocol, it is not impossible. “Even though, a considerable amount of time would be required. In order to accomplish that, in a relatively short period of time, the adversary should have a FPGA (instead of a computer), performing the whole procedure.”

Advertisement. Scroll to continue reading.

The best way to protect an 802.11i network is through the use of WPA2 in combination with MAC filtering, the researchers recommend. In addition, changing the encryption key periodically can increase the level of difficulty for attackers. The more complex the password, the more the difficulty will rise as well.

“Firstly, network security can be increased by firstly hiding the SSID, so that the procedure of gathering information regarding the network becomes more difficult,” the researchers added. “Furthermore, in some APs the Telnet/SSH services are enabled by default. It is advisable to disabling those services in order to protect unauthorised network access, by providing password checks. Not following the above actions, increases the risk of unauthorised network access that can lead to various malicious actions, such as having the AP reconfigured by the adversary.”

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

After the passing of Amit Yoran, Tenable has appointed Steve Vintz and Mark Thurmond as co-CEOs.

Former Wiz executive Trish Cagliostro has joined Orchid Security as Chief Revenue Officer.

Transcend has named former UnitedHealth Group CISO Aimee Cardwell as CISO in Residence.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.