Slashdot Mirror


WPA Weak Key Cracker Posted

Glenn Fleishman writes "The folks at TinyPEAP released a cracking tool to break Wi-Fi Protected Access (WPA) keys. WPA is the replacement for weak WEP keys in the original 802.11b specification. Robert Moskowitz of ICSA Labs released a paper almost exactly a year ago documenting how WPA keys that were short and lacked randomnness could be subject to cracks. This tool automates the process. Moskowitz advised choosing passphrases of more than 20 characters or generating random keys of at least 96 bits, but preferably 128 bits. Some tools exist to produce better keys, including chipmaker Broadcom's SecureEZSetup (in selected hardware) and Buffalo Technologies' hardware-based AOSS for automatic key generation and propagation. Enterprise-based WPA with 802.1X doesn't have this weakness: each user gets a long WPA key that's randomly generated and uniquely assigned--and can be frequently changed during a session."

4 of 168 comments (clear)

  1. g00d 1 m1c43a1!!!!! by Anonymous Coward · · Score: -1, Troll

    l37 734 4ax0ring k0mm3nc3!!!

  2. What Morons by StarWreck · · Score: -1, Troll

    I don't under stand why anyone would want to use WEP or WPA seeing as their just a simple single layer encryption method. Using MAC-Filtering is NOT that hard! Compared to WEP and WPA, Mac-Filtering based WLAN security is uncrackable.

    --
    ... and in the DRM, bind them.
    1. Re:What Morons by StarWreck · · Score: -1, Troll

      Seeing as MAC addresses are permanently burned into your WLAN card... you try it.

      --
      ... and in the DRM, bind them.
    2. Re:What Morons by hkb · · Score: 0, Troll

      _LETS_ continue to _TYPE_ like this _A LOT_. it's _PRETTY_ _COOL_ and gets my _POINT_ across really _WELL_!!!!

      --
      /* Moderating all non-anonymous trolls up since 2004 */