Securing wireless local area networks can be a tricky business, and a group of researchers have highlighted just how much.
Published in the International Journal of Information and Computer Security, the research outlines how the Wi-Fi Protected Access 2 (WPA2) protocol can be potentially exposed using deauthentication and brute force attacks.
“Thus far, WPA2 is considered to be amongst the most secure protocols,” according to the researchers’ paper. “However it has several security vulnerabilities. Until now there has not been a complete and fully successful methodology capable of exposing the WPA2 security. This paper provides a novel way of successfully exposing WPA2 security issues by using a complete dictionary that generates all the possible printable ASCII characters of all possible lengths.”
The research was performed by Achilleas Tsitroulis of Brunel University in the UK; Dimitris Lampoudis of the University of Macedonia in Greece; and Emmanuel Tsekleves of Lancaster University, UK. According to the researchers, the 802.11i deauthentication process presents a flaw. During the process, clients are forced to reconnect and re-authenticate to the correspondent access point, resulting in the capture of an instance of the pre-shared key. In the case of WPA/WPA2, the four-way authentication handshake is revealed.
To prove their point, the researchers analyzed 10 different scenarios, with the main difference between them being the password.
“At the beginning, the area was scanned-sniffed with ‘Airodump’ and then a deauthentication attack was made with ‘Aireplay’,” according to the paper. “Through that, an instance of the PSK was caught. Finally, ‘Aircrack’ was attempting to reveal the secret password by using the instance of the PSK and matching it with every record of the dictionary. For these experiments we used a very big dictionary that consisted of 666,696 standard printable ASCII character records of various lengths. ‘Airodump’ and ‘Aireplay’ are commands of the ‘Aircrack’ suite, responsible for sniffing and deauthentication respectively.”
In all but one of the cases, the key was easily found, the researchers stated.
“The biggest advantage of WPA/WPA2 security protocols is security reliance on dictionary pluralism in words,” the researchers continued, adding that while it is very difficult to expose the WPA/WPA2 security protocol, it is not impossible. “Even though, a considerable amount of time would be required. In order to accomplish that, in a relatively short period of time, the adversary should have a FPGA (instead of a computer), performing the whole procedure.”
The best way to protect an 802.11i network is through the use of WPA2 in combination with MAC filtering, the researchers recommend. In addition, changing the encryption key periodically can increase the level of difficulty for attackers. The more complex the password, the more the difficulty will rise as well.
“Firstly, network security can be increased by firstly hiding the SSID, so that the procedure of gathering information regarding the network becomes more difficult,” the researchers added. “Furthermore, in some APs the Telnet/SSH services are enabled by default. It is advisable to disabling those services in order to protect unauthorised network access, by providing password checks. Not following the above actions, increases the risk of unauthorised network access that can lead to various malicious actions, such as having the AP reconfigured by the adversary.”
More from Brian Prince
- U.S. Healthcare Companies Hardest Hit by ‘Stegoloader’ Malware
- CryptoWall Ransomware Cost Victims More Than $18 Million Since April 2014: FBI
- New Adobe Flash Player Flaw Shares Similarities With Previous Vulnerability: Trend Micro
- Visibility Challenges Industrial Control System Security: Survey
- Adobe Flash Player Zero-Day Exploited in Attack Campaign
- Researchers Demonstrate Stealing Encryption Keys Via Radio
- Researchers Uncover Critical RubyGems Vulnerabilities
- NSA, GCHQ Linked to Efforts to Compromise Antivirus Vendors: Report
Latest News
- Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
- NBA Notifying Individuals of Data Breach at Mailing Services Provider
- Adobe Acrobat Sign Abused to Distribute Malware
- New York Man Arrested for Running BreachForums Cybercrime Website
- Huawei Has Replaced Thousands of US-Banned Parts With Chinese Versions: Founder
- Latitude Financial Services Data Breach Impacts 300,000 Customers
