Wi-Fi Security: Cracking WPA With CPUs, GPUs, And The Cloud

Features
By Andrew Ku
published

Is your network safe? Almost all of us prefer the convenience of Wi-Fi over the hassle of a wired connection. But what does that mean for security? Our tests tell the whole story. We go from password cracking on the desktop to hacking in the cloud.

How Secure Is Your Wireless Network?

We hear about security breaches with such increasing frequency that it's easy to assume the security world is losing its battle to protect our privacy. The idea that our information is safe is what enables so many online products and services; without it, life online would be so very different than it is today. And yet, there are plenty of examples where someone (or a group of someones) circumvents the security that even large companies put in place, compromising our identities and shaking our confidence to the core.

Understandably, then, we're interested in security, and how our behaviors and hardware can help improve it. It's not just the headache of replacing a credit card or choosing a new password when a breach happens that irks us. Rather, it's that feeling of violation when you log into your banking account and discover that someone spent funds out of it all day.

In Harden Up: Can We Break Your Password With Our GPUs?, we took a look at archive security and identified the potential weaknesses of encrypted data on your hard drive. Although the data was useful (and indeed served to scare plenty of people who were previously using insufficient protection on files they really thought were secure), that story was admittedly limited in scope. Most of us don't encrypt the data that we hold dear.

At the same time, most of us are vulnerable in other ways. For example, we don't run on LAN-only networks. We're generally connected to the Internet, and for many enthusiasts, that connectivity is extended wirelessly through our homes and businesses. They say a chain is only as strong as its weakest link. In many cases, that weak link is the password protecting your wireless network.

There is plenty of information online about wireless security. Sorting through it all can be overwhelming. The purpose of this piece is to provide clarification, and then apply our lab's collection of hardware to the task of testing wireless security's strength. We start by breaking WEP and end with distributed WPA cracking in the cloud. By the end, you'll have a much better idea of how secure your Wi-Fi network really is.

Andrew Ku
80 Comments Comment from the forums
  • fstrthnu
    Well it's good to see that WPA(2) is still going to hold out as a reliable security measure for years to come.
    Reply
  • runswindows95
    The 12 pack of Newcastles works for me! Give that to me, and I will set you up on my wifi! Free beer for free wifi!
    Reply
  • Soma42
    I think I'm going to go change my password right now...
    Reply
  • Pyree
    runswindows95The 12 pack of Newcastles works for me! Give that to me, and I will set you up on my wifi! Free beer for free wifi!
    Then either beer at your place is really expensive or internet is really cheap. Need 6x12 pack for me.
    Reply
  • compton
    Thanks for another article that obviously took a lot of work to put together. The last couple of articles on WiFi and archive cracking were all excellent reads, and this is a welcome addition.
    Reply
  • mikaelgrev
    "Why? Because an entire word is functionally the same as a single letter, like "a." So searching for "thematrix" is treated the same as "12" in a brute-force attack."

    This is an extremely wrong conclusion. Extremely wrong.
    Reply
  • What about the permutations of the words?
    i.e ape can be written:
    ape, Ape, aPe, apE, APe, aPE, ApE, APE.
    Thats 2^3=8 permutations. Add a number after and you get (2^3)*(10^1)=80 permutations.
    You can write PasswordPassword in 2^16=65536 ways.
    How about using a long sentence as a password?
    i.e MyCatIsSuperCuteAndCuddly, thats 2^25 permutations :)
    Reply
  • molo9000
    Any word on MAC address filtering?
    Can you scan for the MAC addresses? It's probably easy to get and fake MAC adresses, or it would have been mentioned.


    *scans networks*
    12 networks here,
    1 still using WEP
    10 allowing WPA with TKIP
    only 1 using WPA2 with AES only (my network)
    Reply
  • agnickolov
    Considering my WPA password is over 20 characters long I should be safe for the foreseeable future...
    Reply
  • aaron88_7
    "12345, that's amazing, I've got the same combination on my luggage!"Still makes me laugh every time!
    Reply