WEP And PPTP Password Crackers Released

Jacco de Leeuw writes "SecurityFocus published an article by Michael Ossmann that discusses the new generation of WEP cracking tools for 802.11 wireless networks. These are much faster as they perform passive statistical analysis. In many cases, a WEP key can be determined in minutes or even seconds. For those who have switched to PPTP for securing their wireless nets: Joshua Wright released a new version of his Cisco LEAP cracker called Asleap which can now also recover weak PPTP passwords. Both LEAP and PPTP employ MS-CHAPv2 authentication." Update: 12/22 00:14 GMT by T : Michael Ossmann wrote to point out his last name has two Ns, rather than one.

Easier for travelers

[ad454]

Great, I will be leaving for a business trip soon, and now I can freely *access* those commercial WEP enabled Wi/Fi access points in many airports without risking my credit card.

Seriously though, Wi/Fi has to be treated like an unsecure public network, and anyone wants to restrict access they should use a more secure protocol like IPSec in host-to-host mode. Do not count on Wi/Fi manufactures to protect you, for some reason they just simply refuse to provide secure products.

Security is an illusion ...

[Gopal.V]

To be truthful, nothing is secure ... It can only be "Secure Enough". If the cost of breaking something is more than the benifit - that is security in one sense.

Any encryption can be broken - given enough resources ... The trick is to make it so difficult that nobody finds out unless they are prepared to invest more than what you did (time, computing power, money, technology).

Interestingly in India, according to Department of Telecom website - security means something different :).

23. Individuals/Groups/Organisations are permitted to use encryption upto 40 bit key length in the RSA algorithms or its equivalent in other algorithms without having to obtain permission from the Telecom Authority. However, if encryption equipments higher than this limit are to be deployed, individuals/groups/organisations shall do so with the prior written permission of the Telecom Authority and deposit the decryption key, split into two parts, with the Telecom Authority.

We have to keep our private keys in ESCROW to use >40 bit encryption ... Talk about stupid laws (of course which no-one enforces or obeys).

Re:Feasibility of dictionary attacks no protocol f

[wirelessbuzzers]

Every communication which uses passwords for authentication is susceptible to dictionary attacks. That is not a protocol weakness. If you use a random and long enough password, you'll be fine. Public key based authentication has other risks, like insufficiently secured storage of the key.

First, you will note that the attack on WEP (but not on PPTP) is not a dictionary attack and works with a computer-generated random 64- or 128-bit key. This is a protocol weakness.

Second, a good protocol does protect passwords. Either it establishes an encrypted session with the server, like SSH or SSL does, or it uses a secure password protocol like SRP. SRP in particular has the following properties:

1) The protocol is entirely public, and open-source implementations are available.
2) An eavesdropper on the wire does not get a dictionary attack on the password; without breaking the crypto behind the protocol, which nobody has been able to do yet, he gets no information. Of course, he can still do an online attack, but the server should prevent that.
3) Someone impersonating the server also does not get a dictionary attack on the password, even though the client does not need to memorize a key hash.
4) Someone who compromises the server database does get a dictionary attack on the password (this is inevitable), but they don't get the password for free. Furthermore, the password is salted, so they have some work to do.