ALERT: WPA can be less secure than WEP

WPA-PSK is vulnerable to attack, and can be even worse than WEP!
BAD: "vintage wine"
GOOD: "floor hiking dirt ocean"
(pick your own words, even longer is better)
Weakness in Passphrase Choice in WPA Interface
By Glenn Fleishman
By Robert Moskowitz
Senior Technical Director
ICSA Labs, a division of TruSecure Corp

The offline PSK dictionary attack
Just about any 8-character string a user may select will be in the
dictionary. As the standard states, passphrases longer than 20 characters
are needed to start deterring attacks. This is considerably longer than
most people will be willing to use.
This offline attack should be easier to execute than the WEP attacks.
Using Random values for the PSK
The PSK MAY be a 256-bit (64 hexadecimal) random number. This is a large
number for human entry; 20 character passphrases are considered too long
for entry. Given the nature of the attack against the 4-Way Handshake, a
PSK with only 128 bits of security is really sufficient, and in fact
against current brute-strength attacks, 96 bits SHOULD be adequate. This is
still larger than a large passphrase ...
Pre-Shared Keying is provided in the standard to simplify deployments in
small, low risk, networks. The risk of using PSKs against internal attacks
is almost as bad as WEP. The risk of using passphrase based PSKs against
external attacks is greater than using WEP. Thus the only value PSK has is
if only truly random keys are used, or for deploy testing of basic WPA or
802.11i functions. PSK should ONLY be used if this is fully understood by
the deployers.
See also:
Passphrase Flaw Exposed in WPA Wireless Security

Wi-Fi Protected Access. Security in pre-shared key mode

Cracking Wi-Fi Protected Access (WPA)

WPA Cracker

Reply to
John Navas
Loading thread data ...
John Navas wrote in news:qA3lf.125865$
That article was dated November 04, 2003. Do try to keep up.
Reply to
Frazer Jolly Goodfellow
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]
Just as relevant today. Do try to pay attention.
Reply to
John Navas
once again with the FUD. Yes, it's vulnerable to attack. No, it isn't worse than WEP. WEP's problems are intrinsic. WPA's are trivially correctable.
Reply to
Derek Broughton
[POSTED TO alt.internet.wireless - REPLY ON USENET PLEASE]
Again quoting from a real expert:
"The risk of using passphrase based PSKs against external attacks is greater than using WEP."
Reply to
John Navas
Use an old song book, poetry book, or some such. Choose a song, poem, or what ever, then use the first letters of the first paragraph, interspersed with the page and article (song) number to generate a pass phrase of 20 or more characters.
Reply to
Gordon Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.