Wi-Fi Security: Cracking WPA With CPUs, GPUs, And The Cloud

Page 3 - Seeking answers? Join the Tom's Hardware community: where nearly two million members share solutions and discuss the latest tech.
Status
Not open for further replies.
G

Guest

Guest
Correct me if I'm wrong but none of those applications use QuickSync or integrated gpu at all?
So altough it does test "cpu" it doesn't make full use of "processor".

We've all seen for example:
http://www.tomshardware.com/reviews/core-i7-2820qm-sandy-bridge-mobile,2838-12.html
Where Integra&QuickSync provided a nice boost.
Of course there is still no competition to dedicated gpu based decoding.

Enjoyed the article, but there is still more to get from Sandy Bridge and I really wonder how much. (2x? 10x?)
 
G

Guest

Guest
Running your network at 5ghz is also an additional security since most wifi cards operate at 2.4ghz only.
 

acku

Distinguished
Sep 6, 2010
559
0
18,980
[citation][nom]slicedtoad[/nom]Damn, i hate making mistakes while pointing out others'. My point still stands though, a two word password is far stronger than a two character one because of the number of elements (words/ascii chars).Now let's see if i can get some math right this time.A two word password has 9e10 possibilities. The equivalently strong random ascii password would be between 5 and 6 chars (7e9 and 6.9e11).Three words = 2.7e16 equivalent to 8 to 9 chars (6e15 and 5.7e17).Four words puts you at 8e21 which is just past 11 randoms (5e21).So, if my math was right that time, four random words are just as safe as 11 random ascii printables. They are also a lot easier to remember.An example:4 randomly generated words: "brushing haystack jesting drag"11 random ascii chars: "Qb+L`nrh},}"Unless you have a very strange memory, the words are far easier.[/citation]

You're still going to want to bring that estimate down. Modern conversational English contains words in the tens of thousands. The appropriate search space would begin with a base of 15k to 20k elements not 300k!

Cheers,
Andrew Ku
TomsHardware.com
 
G

Guest

Guest
"Infinitesimally" means "by the smallest amount". Is this really what is meant?
 
G

Guest

Guest
Once, I saw a wifi bssid named: sex for pass
I was like wtf!
Btw, I didn't get the pass XD
 

GPGPUUser

Distinguished
Aug 29, 2011
2
0
18,510
Some hint for those GPGPU-inclined persons:

AMD 5xxx series cards are even BETTER than AMD 6xxx series, actually. For example, AMD 5850 would compute better than AMD 6850 does, regardless of being previous generation. This is because AMD has reduced number of SIMD cores in 6xxx series compared to 5xxx series with the same name (so they have cooler, smaller and cheaper ICs within the same naming) while improving graphic-related blocks like tesselators (and you do not need those for computations so you do not benefit here).

So for those who seeks a best password-cracking GPU, AMD 5xxx is an absolutely best thing they can get.
 

GPGPUUser

Distinguished
Aug 29, 2011
2
0
18,510
Ahh, forgot to add: if you want to see how some GPU performs in a password-cracking-like computations and how efficient it is overall, it could be a good place to start: https://en.bitcoin.it/wiki/Mining_hardware_comparison

While these guys are not exactly password crackers, their computation jobs are very similar to password bruteforce anyway, therefore you'll see very similar results in password cracking as well.
 

livebriand

Distinguished
Apr 18, 2011
1,004
0
19,290
I simply use the 16-character randomly generated password that my Motorola router made up. 3bnFjk298nFnvb4G is a bit hard to guess with brute force. Oh, and my network is WPA2 AES ONLY. I only have to type it in once and that's it. Good luck hacking my network. But then again, I doubt anyone would try to hack it. I live in a neighborhood with single-family homes, I can barely pick up a neighbor's network (with NO security) and the neighbor on the other side of my house doesn't even know how to use a computer. I even changed that neighbor's router password and it's still set to what I changed it to, a year later. Clearly they never tried to get into it. That's what you get when the router password is 'password'. Good luck hacking my network...
 

cgjrdl

Distinguished
Sep 12, 2011
1
0
18,510
Question: if I configure every machine on my home network to be an openvpn client and have them connect to an openvpn server, either using one of the online vpn privacy services or my own cloud server running openvpn, would this not encrypt the actual packets travelling over my WiFi network, thereby preventing them from being 'sniffed' in any useful way? Let's assume the vpn is 'correctly' implemented and uses a 2048-bit asymmetric key and 256-bit symmetric key.

I realize openvpn isn't yet that consumer-friendly but I'm just wondering if this provides security coming at it from a different angle?
 
G

Guest

Guest
Thats why USA army bought 3000 PS3... :) 20000pmk/s x3000 = 60 000 000 pmk/s immpresive
 

x Heavy

Distinguished
Aug 16, 2011
392
0
18,810
Well, I know that my wireless is disable. I sniff for it within my home now and then. Kinda hard for someone to sit in the street with a laptop long enough to get in.
 
G

Guest

Guest
Interesting article, especially if you consider the implications and 'improvements' possible. Liability for clouds for instance. Drop into ASM, machine code, and/or custom processor microcode would gratly accelerate. Ability to parallel process via shared resources like cell phones or internet computers (even via virus enlistment) would make even the 'impossible' ones quite possible.
The big boys likely have quantum, but such thoughts as these can surely bring a lot of concern to the rest of us.
 
G

Guest

Guest
sure would be nice to get to whole article in pdf format. This is 2011 right? Or are page hits that much more valuable that being user friendly?
 
G

Guest

Guest
This may be outside the scope of this topic. But I was wondering how TKIP or AES affects WPA/WPA2? Also, how does a "passphrase" compare to a password. Does a Key Renewal timeframe help with preventing a brute force or other type of attacks? Thanks.
 
G

Guest

Guest
Some home routers can turn off/on WiFi by schedule. No-one is at home for school/work then schedule to turn off. No-one uses WiFi at night? Turn off 12-8 am. Treat WiFi as programmable heater/AC… Example: See NETGEAR WNR3500L w/ Firmware Version 1.2.2.44 & up. "New Features: Scheduled Wi-Fi on/off." No Signal = No Cracking
 

bobthebuilder2

Distinguished
Oct 6, 2011
3
0
18,510
you can make long password by using memorable sentences

why cant i come up with a good password for my network

as:

whycanticomeupwithagoodpasswordformynetwork

is 46 chars and 12 words long. assuming 1000 words (low) in the dictionary, a 12 words password has 10^36 combinations, 46 chars (counting only 26 alphabetical lower case letters) password will have 10^65 combinations. the password is easy to remember, can be hidden among your writings (in a journal as an entry on your birthday for example) and with one trillion 6990's (@100k/s), it would take more than the age of the universe to crack it on average.

and you have to say that it is easier to remember than 54Lo7C@tsRfun
 

bobthebuilder2

Distinguished
Oct 6, 2011
3
0
18,510
you can make long password by using memorable sentences

why cant i come up with a good password for my network

as:

whycanticomeupwithagoodpasswordformynetwork

is 46 chars and 12 words long. assuming 1000 words (low) in the dictionary, a 12 words password has 10^36 combinations, 46 chars (counting only 26 alphabetical lower case letters) password will have 10^65 combinations. the password is easy to remember, can be hidden among your writings (in a journal as an entry on your birthday for example) and with one trillion 6990's (@100k/s), it would take more than the age of the universe to crack it on average.

and you have to say that it is easier to remember than 54Lo7C@tsRfun
 

bobthebuilder2

Distinguished
Oct 6, 2011
3
0
18,510
you can make long password by using memorable sentences

why cant i come up with a good password for my network

as:

whycanticomeupwithagoodpasswordformynetwork

is 46 chars and 12 words long. assuming 1000 words (low) in the dictionary, a 12 words password has 10^36 combinations, 46 chars (counting only 26 alphabetical lower case letters) password will have 10^65 combinations. the password is easy to remember, can be hidden among your writings (in a journal as an entry on your birthday for example) and with one trillion 6990's (@100k/s), it would take more than the age of the universe to crack it on average.

and you have to say that it is easier to remember than 54Lo7C@tsRfun
 

jowunger

Distinguished
Aug 7, 2008
106
0
18,680
I don't understand all that mambo-jumbo. I use WPA2 'and' MAC-ADDRESS to allow users using the internet. Even with MAC-Address changer program AND the right password you cant get it. The solution is as simple as it never seemed before:

1. Use WPA2 (or the best encryption you can get)
2. Only allow certain MAC Address to connect to you router/AP.
3. Sleep in peace

So even if someone cracks your (hard to crack..) password, then they still cant connect to your network because of wrong mac address.

Important is to change ALL 00:00:00:00:00:00 in your router to random mac addresses, else it is to easy to connect with an MAC ADDRESS CHANGER just with 00:00:00:00:00:00

Have a nice sleep =)
 
G

Guest

Guest
My WPA2 key is 63 characters long. No reason to go any shorter.
 

freggo

Distinguished
Nov 22, 2008
2,019
0
19,780
Question : If you 'test' 100,000' password a second do you use this on a bit of data captured from the network or do you actually contact the router 100,000 times ?

If the later is the case simply limiting the password check speed of the router to 1 password/second would solve the problem.
Just like you do on a website login. Either limit the speed at which you can submit your password, or limit the number of falsoe entries you are allowed.
 
Status
Not open for further replies.