GPUs Used To Crack WiFi Passwords Faster

MojoKid writes "Russian-based ElcomSoft has just released ElcomSoft Wireless Security Auditor 1.0, which can take advantage of both Nvidia and ATI GPUs. ElcomSoft claims that the software uses a 'proprietary GPU acceleration technology,' which implies that neither CUDA, Stream, nor OpenCL are being utilized in this instance. At its heart, what ElcomSoft Wireless Security Auditor does is perform brute-force dictionary attacks of WPA and WPA2 passwords. If an access point is set up using a fairly insecure password that is based on dictionary words, there is a higher likelihood that a password can be guessed. ElcomSoft positions the software as a way to 'audit' wireless network security."

Brute-force password guessing not a problem

[morgan_greywolf]

But brute force-password guessing isn't a problem if you a choose a long enough password with a large enough character set - letters, numbers, symbols. My WPA password is larger than 15 characters. Good luck without a Beowulf cluster of those -- and even then, it better have a LOT of those GPUs.

Re:Brute-force password guessing not a problem

[sakdoctor]

Since you generally never have to type a WPA key in, might as well go for maximum entropy.

https://www.grc.com/passwords.htm

Re:Brute-force password guessing not a problem

[morgan_greywolf]

Assuming you have it compiled into kernel, yes. (Most modern distros do)

Re:Brute-force password guessing not a problem

[cbiltcliffe]

Your last guess is pretty close.

You intercept a few packets of data from the wireless network and save them. Then, you bugger off to your evil lair, and set about trying to crack them with your dictionary list.

But the algorithm that WPA uses is non-reversible. It's also run 4096 times.
So to crack it, you take the first line in your dictionary, throw in the network's SSID (this is included for better security. Passphrase: 12345 will hash differently on a network named linksys than it will on a network named dlink), run it through the WPA algorithm the 4096 times, truncate the result at 256 bytes, then compare that 256 bytes to the captured packets.
If they don't match, go on to the next line in your dictionary.
If they do match, you've got your passphrase.

My Athlon64 laptop does just shy of 200 passphrases/second like this. My current audit dictionary is somewhere on the high side of 48 million words.
Obviously, speeding this up in any way is going to decrease your audit time significantly.

Re:Brute-force password guessing not a problem

[plover]

The old (very old) password cracking programs I've played with allow the user to set up rules to guide guesses. You'd fill out a series of patterns, and if possible base them on passwords you know your target has used in the past. For example, I knew a friend commonly substituted digit 1 for letter i, so added a rule of s/i/1/ to the list of modifications to dictionary words. (I eventually found his password was k3rm1t.)

Like most things, the answer of "is your security weaker" is "it depends". You certainly aren't doing yourself any security favors by telling us you might have a movie quote as a pass phrase, even in an example. This is information that may have made your router's password significantly more guessable.

First of all, I'd want to physically locate you first to avoid wasting time cracking the wrong router. That should be fairly easy. Tools like Google and Wigle might help me narrow it down to exactly you. I'd start guessing with the notion that you might use a quote from a movie as your pass phrase, or perhaps the first letters of a quote as a pass phrase. A script running through IMDB could theoretically yield the quote your current pass phrase is based on, and there are dozens of web pages devoted to movie quotes of just about every genre. I'd start with quotes from movies featuring Samuel Jackson, anime movies, and episodes of American Dad and South Park. I would guess you'd write it in all lower case, but anotherTestWithCamelCase is cheap. I know you might also separate the words with some common symbol/number pairs, and that you've done them in 1-2-3 order, so I would add various rules to test the movie phrases that way. Twice in your examples above you've post-fixed a symbol/number to your phrases, so I'd add that pattern, too.

Failing to find your pass phrase among the movie quotes, I'd move on to video game quotes and slang, maybe some Ozzie lyrics or other metal lyrics, CD liner notes, and possibly even some quotes from literature. The point is the GPU is screamingly fast, and can try billions of permutations of each of these, and the real bottleneck would likely be having to scoop up all these sources of quotations from the net.

Now, given that you're posting to Slashdot, I'm hoping you'd be a bit more clever than all this, and you've posted the above as a pile of misdirection. I'd only give myself about a 5% chance of actually guessing your pass phrase, even with the tools above and the hints you provided. But those are a hell of a lot better odds than trying to guess a truly random password. The other thing working in your favor is that you're pretty young and thus likely broke, so no serious criminals have the profit motivation to hunt you down and start hacking away at your wireless. Now, if you were "Senator Adams from the Great State of New Jersey," or "Millionaire Adams, the Sausage King of Newark," then there'd be a bit more incentive. That's what happened to both Palin and Obama.

The thing you should take away from this is: it wouldn't hurt to change your passphrase right now to some cryptographically random value. You've likely given away too much information already. But the chances are greater that nobody really cares what your pass phrase is. :-)

Brute Force?

[Fnord666]

... does is perform brute-force dictionary attacks of WPA and WPA2 passwords.

I tried using a non brute force dictionary attack on an encryption key once. I just tried every third word in the dictionary. It didn't seem to work as well as trying them all. In other words, there are brute force attacks and there are dictionary attacks, but there are no brute force dictionary attacks.

Re:Time travel

Yep. As Bruce Schneier notes in Applied Cryptography, simply cycling a 256-bit counter (eg, random 8 byte password, just express it as a hex string if you like) would take more energy than is released by a typical supernova.

In other words, if your password is susceptible to an offline bruteforce attack, as WPA is, make it long-ish and random. Then rest easy unless some real, non-brute-force attack is discovered.

Re:Full disclosure

[kabocox]

If some security manager reads this, goes back to work, and says "OK, change all our WPA passwords, our current ones may not be secure", he will be making a real improvement to his network. He might even be locking out an existing hacker in the process.

Until 10 minutes later the CEO calls the head of IT and has them change the WAP password back to Password1 so he can log in. It's nearly a known fact that managers can't type passwords longer than 8 characters successfully. 16 character or longer passwords become difficult for field IT guys to type. o.k. was that new password ffffffddddddcccccc222222555555? I mean it's difficult enough to get them to use their kid's name plus a number as a password and you want a security consult to change a working system because it might be insecure? Damn.

Every system and facility is insecure if you put enough force into cracking it. We've got an offsite gym/vehicle storage building where the only security is a vericard to get the door and a key for the back. There is a stand alone laptop of little value out there, but there is several thousand dollars of gym equipment there. What level of force/ability do you really think that it would take to clone/spoof a vericard and then load up alot of that equipment onto a semi? The reason that we don't employ a full time guard or have the place monitored by 4-8 DVR cameras is that those in charge of the budget don't think that its worth that amount of effort to protect. But even if you had a guard and cameras, how much money do you think it would take to bribe the guard and disable/by pass the cameras? With enough resources/effort anything is possible.