Once thought safe, WPA Wi-Fi encryption is cracked

#3
Not exactly 'news'. Even WPA2 isn't totally secure.

If you think you have something that is secure and somebody with a bit of cash and knowhow wants, don't use wireless. Easy.

If you are just a home user, WPA and a firewall will keep the locals from accessing your files and prevent people from using your wireless as broadband access. You aren't worth the time or effort.

Unless you do have something 'dodgy' on your computer? :?
 
#4
doomsayer said:
Or just use your graphics card and run a simple dictionary attack to crack both WPA and WPA2...
Assuming the other person has used a dictionary word...
 
#6
monkeyspanker said:
Saw it cracked over a year ago.

Even back then, cert based encryption was the only way to be safe from Rainbow tables.
Link?
 
#8
And that says that WPA has been cracked where?

Points to note:

A rainbow table is ineffective against one-way hashes that include salts.

Also, rainbow tables and other precomputation attacks do not work against passwords that contain symbols outside the range presupposed, or that are longer than those precomputed, by the attacker. Because of the sizable investment in computing processing, Rainbow tables beyond eight places in length are not yet common. So, choosing a password that is longer than eight characters or that contains non-alphanumeric symbols may force an attacker to resort to brute-force methods.
 
#9
Don’t have a link to the crack as it was shown as a demo during a security seminar.

“Freely” available Rainbow tables now cover values of up 10 characters.

As with all matters security, the key is the confidentially, integrity and availability of systems and data.

Encryption only covers the first two.

Wi-Fi should not be used for any system that is critical as it can be jammed by anyone, even just for a “Shits and giggles” DoS attack.
 
#10
msr said:
doomsayer said:
Or just use your graphics card and run a simple dictionary attack to crack both WPA and WPA2...
Assuming the other person has used a dictionary word...
The Elcomsoft password cracking software also does brute force - it just depends on how much processing power and time you have. However, use the longest and most complex password you can be bothered to deploy and you take it beyond the realms of the average script kiddie!
 

Top