Re: Rainbowtables for WPA PSK?

From: Joshua Wright (jwright@hasborg.com)
Date: Thu Dec 22 2005 - 16:49:39 EST


Meidinger Chris wrote:
> Both STA and AP use nonces to defeat a replay or precalc attack.
...
>> Without studying the ins and outs, I think it should be possible to
>> generate rainbowtables for WPA PSKs. Especially since on-the-fly
>> cracking takes quite some time per crypt and most users use an
>> alphanumeric character set for the pass. Is my assumption right?

Note that while the PTK generation uses STA and authenticator nonces to
defeat precomputation attacks, WPA-PSK PMK derivation does not use a
nonce. The only "salt" that is used in PMK derivation is the SSID of
the network, allowing an attacker to perform a precomputed dictionary
attack against the PMK.

In a dictionary attack against WPA-PSK, it is the PMK derivation that
takes so long to compute. The PMK derivation is based on the pbkdf2
algorithm which uses 4096 HMAC-SHA1 passes, while PTK derivation is only
a single HMAC-SHA1 pass.

At Shmoocon this year, Renderman, Thorn, Dutch and I will be giving a
presentation on a variety of wireless-related topics, including a new
release of coWPAtty that takes advantage of precomputed PMK's to
significantly accelerate the process of mounting a dictionary attack
against WPA-PSK networks.

-Josh
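
The two derivations described in the message above, side by side, as an added example that is not part of the original post and is not coWPAtty code. It follows the 802.11i definitions (PBKDF2-HMAC-SHA1 for the PMK, the HMAC-SHA1 PRF for the PTK); the MAC addresses and nonces are constructed sample values, and the "password"/"IEEE" pair is the input of the 802.11i Annex H.4.3 test vector.

```python
import hashlib
import hmac

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def wpa_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-512(PMK, "Pairwise key expansion", MACs || nonces)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    out = b""
    for counter in range(4):  # 4 x 20-byte HMAC-SHA1 outputs cover 64 bytes
        msg = b"Pairwise key expansion\x00" + data + bytes([counter])
        out += hmac.new(pmk, msg, hashlib.sha1).digest()
    return out[:64]

# Constructed sample values (not from a real capture).
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
ANONCE_1, SNONCE_1 = b"\x11" * 32, b"\x22" * 32
ANONCE_2, SNONCE_2 = b"\x33" * 32, b"\x44" * 32

def compare() -> dict:
    """Show which inputs each key depends on."""
    pmk_a = wpa_pmk("password", "IEEE")    # 802.11i Annex H.4.3 test vector inputs
    pmk_b = wpa_pmk("password", "IEEE-2")  # same passphrase, different SSID
    ptk_1 = wpa_ptk(pmk_a, AP_MAC, STA_MAC, ANONCE_1, SNONCE_1)
    ptk_2 = wpa_ptk(pmk_a, AP_MAC, STA_MAC, ANONCE_2, SNONCE_2)
    return {
        "pmk_hex": pmk_a.hex(),
        # The SSID is the only salt: a different SSID gives a different PMK.
        "pmk_changes_with_ssid": pmk_a != pmk_b,
        # No nonce is involved, so the PMK is the same in every session.
        "pmk_repeatable_offline": pmk_a == wpa_pmk("password", "IEEE"),
        # The PTK does depend on the per-session nonces.
        "ptk_changes_with_nonces": ptk_1 != ptk_2,
    }

if __name__ == "__main__":
    for key, value in compare().items():
        print(f"{key}: {value}")
```

Because the PMK depends only on the passphrase and the SSID, a network-specific SSID and a long random passphrase are the two inputs a defender controls.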
