ALERT: WPA isn't necessarily secure

SUMMARY:

WPA-PSK is vulnerable to offline attack.

TO AVOID THE PROBLEM:

USE A PASSPHRASE WITH MORE THAN 20 CHARACTERS. Examples: BAD: "vintage wine" GOOD: "floor hiking dirt ocean" (pick your own words, even longer is better) FOR HIGH SECURITY, USE MORE THAN 32 CHARACTERS.

BACKGROUND:

Weakness in Passphrase Choice in WPA Interface By Glenn Fleishman By Robert Moskowitz Senior Technical Director ICSA Labs, a division of TruSecure Corp

... The offline PSK dictionary attack ... Just about any 8-character string a user may select will be in the dictionary. As the standard states, passphrases longer than 20 characters are needed to start deterring attacks. This is considerably longer than most people will be willing to use.

This offline attack should be easier to execute than the WEP attacks. ... Using Random values for the PSK

The PSK MAY be a 256-bit (64 hexadecimal) random number. This is a large number for human entry; 20 character passphrases are considered too long for entry. Given the nature of the attack against the 4-Way Handshake, a PSK with only 128 bits of security is really sufficient, and in fact against current brute-strength attacks, 96 bits SHOULD be adequate. This is still larger than a large passphrase ... ... Summary ... Pre-Shared Keying is provided in the standard to simplify deployments in small, low risk, networks. The risk of using PSKs against internal attacks is almost as bad as WEP. The risk of using passphrase based PSKs against external attacks is greater than using WEP. Thus the only value PSK has is if only truly random keys are used, or for deploy testing of basic WPA or 802.11i functions. PSK should ONLY be used if this is fully understood by the deployers.

See also: Passphrase Flaw Exposed in WPA Wireless Security

Wi-Fi Protected Access. Security in pre-shared key mode

Cracking Wi-Fi Protected Access (WPA)

WPA Cracker

Reply to
John Navas
Loading thread data ...

Reply to
Airman Thunderbird

GRC is a really, really bad idea!

Steve Gibson (aka GRC) is a shameless snake oil salesman with no real expertise in security (case in point: ), and the password generator on the GRC site is of dubious quality and value -- the things said about it are patent nonsense.

Use Password Safe instead, created by noted cryptographer Bruce Schneier, and subjected to open source scrutiny.

Another good easy way to generate truly strong passwords (or passphrases) for any platform is Diceware .

On Mon, 16 Jul 2007 20:29:51 -0500, Airman Thunderbird wrote in :

Reply to
John Navas

Very usefull.

Reply to
Axel Hammerschmidt

On Tue, 17 Jul 2007 10:11:12 +0200, snipped-for-privacy@hotmail.com (Axel Hammerschmidt) wrote in :

Actually a very bad idea. See my prior response.

Reply to
John Navas

Note to casual readers: there are varying opinions of grc.com, so make up your own mind.

I love the register, but bear in mind that its a newspaper. Not everything in it is entirely correct, and just occasionally they do journalistically overemphasise the actualite....

Reply to
Mark McIntyre

Can I suggest that provide some evidence that the grc password generator is bad? As opposed to trotting out the party Anti-Gibson line, that is.

Reply to
Mark McIntyre

On Wed, 18 Jul 2007 00:08:02 +0100, Mark McIntyre wrote in :

It's patently bad, as anyone in security would tell you. We have no idea how it actually works, who has access to the passwords, or who might have hacked the website. Without peer review, it's the same as unsafe sex. Worse, the statements on the website are patent baloney.

Reply to
John Navas

Unless I'm mistaken, WPA will only take an alphanumeric password up to

63 characters, right? This is trivial to generate on your own computer, which is (hopefully) otherwise secured, using a decent "seed."

There's a lovely obscure and elegantly silly Bash shell script for this in The Advanced Bash Scripting Guide, relies on this:

PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}"

Reply to
Warren Oates

This is a repetition of what you said earlier, with an irrelevant appeal to higher authority tacked on the end.

Fear Uncertainty and Doubt....

By the way, how much idea do you have about how the MOD's security actually works, who has access to passwords, who might have hacked their websites? Does that make their security 'patently bad'?

By this definition, any non-opensource security programme is useless unsafe junk, including Cisco firewalls, all commercial AV systems and the IDS used by Nasa. I don't buy that ludicrous argument.

In other words, the anti-gibson bandwagon rolls on, unencumbered by any need to provide evicence.

Let me be clear: I have no opinion to offer about Gibson's products as I don't use and have not carried out a audit of the software. On the other hand, I therefore don't feel qualified to spread unsubstantiated rumour about their quality and fitness for purpose.

When someone produces actual evidence of serious flaws in the product (as opposed to flaws in the marketing bullsh*t which frankly can be found on far more prestigious websites than grc.com) then if they publish it for review, I'll read and make up my own mind.

Reply to
Mark McIntyre

On Wed, 18 Jul 2007 23:50:35 +0100, Mark McIntyre wrote in :

Actually lots of confirmation on the Internet.

More than you apparently think. ;)

Pretty much, your opinion notwithstanding.

On the contrary -- been there, done that.

Again, been there, done that.

Reply to
John Navas

No, lots of FUD on the internet.

Then frankly, you're an idiot. my opinion notwithstanding.

Like I said, unencumbered by the need to provide evidence.

Reply to
Mark McIntyre

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.