GPUs Used To Crack WiFi Passwords Faster

MojoKid writes "Russian-based ElcomSoft has just released ElcomSoft Wireless Security Auditor 1.0, which can take advantage of both Nvidia and ATI GPUs. ElcomSoft claims that the software uses a 'proprietary GPU acceleration technology,' which implies that neither CUDA, Stream, nor OpenCL are being utilized in this instance. At its heart, what ElcomSoft Wireless Security Auditor does is perform brute-force dictionary attacks of WPA and WPA2 passwords. If an access point is set up using a fairly insecure password that is based on dictionary words, there is a higher likelihood that a password can be guessed. ElcomSoft positions the software as a way to 'audit' wireless network security."

Re:Brute-force password guessing not a problem

[Anonymous Coward]

My WPA password is larger than 15 characters.

Isn't best practice greater than 32 for WPA? The maximum is 63 I believe.

Re:Brute-force password guessing not a problem

[Spazztastic]

Since you generally never have to type a WPA key in, might as well go for maximum entropy.

https://www.grc.com/passwords.htm [grc.com]

Or not even using something that is transmitted over the internet and is TRULY random:

dd if=/dev/urandom bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo

Credits go to someone from the Stupid (Useful) Linux tricks thread.

Re:Brute-force password guessing not a problem

[Shakrai]

I question the wisdom of relying on a third party website to generate passwords for you. At least they are using ssl but how do you know they aren't keeping those passwords? How do you know they are generating them with real entropy?

Diceware [std.com] is a better bet, IMHO. You can generate them offline and with a good set of dice you get real entropy. You can use the instructions on that webpage to generate totally random passwords or to generate passwords with words in them that are easy to remember but still pretty secure/random.

Re:It's red

[Anonymous Coward]

Ricardo Montalban Dead At 88 [slashdot.org]

Re:Brute-force password guessing not a problem

[jellomizer]

guessmypassword
123456789111111
                  012345

isn't a good password.
Most Brute Force attacks are a little smarter then 1,2,3,.....,ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
Lets go threw the dictionary first (Caps on, Caps Off and caps with the first letter and without it).
Lets go threw the dictionary and followed by numbers between 0,99999999
Do the same with the numbers prefix the dictionary word.
Try Numeric Combinations.
Try Alpha Combinations.
Finally try everything else.

So by adding More CPU's You can crack most passwords in usable order of magnitude faster.

All the GPU is really doing is just working as an addition processor array for calculations. No big deal everyone though about using them for parallel processing once they got near the power of most CPUs.
It is just using them for evil purpose.

Re:Brute-force password guessing not a problem

[AlXtreme]

Or not even using something that is transmitted over the internet and is TRULY pseudorandom:

There, fixed that for you.

Re:Brute-force password guessing not a problem

[MasterOfMagic]

Take anything that Steve Gibson claims with at least a grain of salt, preferably a whole shaker [google.com].

This is the same person that flat out accused Microsoft of putting the WMF exploit in Windows purposely so they'd have a way to get into any system. He had to backpeddal quickly from that claim.

Pardon me if I don't trust his judgment or his code.

Great Program

[JimmyRay_TWTV]

I tested this program for a upcoming show and I really liked it. The cost is high for most regular folks, so it is geared more towards Government/Commercial. For a nice open source option, I also recommend Pyrit. I had a few issues importing Aircrack files, but most of those have been resolved.

Re:Brute-force password guessing not a problem

[wastedlife]

From the product website:

Elcomsoft Wireless Security Auditor works completely in off-line, undetectable by the Wi-Fi network being probed, by analyzing a dump of network communications in order to attempt to retrieve the original WPA/WPA2-PSK passwords in plain text.

TFA is misunderstanding the way the app functions, it listens to the network until a certain amount of information has been sent, then attempts to decrypt that data locally. Sending wave after wave of login attempts is easily detectable and would almost certainly bottleneck somewhere at the network level before CPU.

Re:Brute-force password guessing not a problem

[Anonymous Coward]

It's an offline attack. You passively capture the key exchange between AP and client and then try to find the password which decrypts it. The last step involves lots of independent computationally intensive calculations, so it benefits from a faster processor or a multicore system like a GPU. A rainbow table ("create your dictionary once") is not an option because the interaction is salted (that's also why you need the key exchange packets, not some random packets after the key exchange). This really is a brute-force/dictionary attack, not a vulnerability of the protocol, so if your password is long and random, you have nothing to worry about, for now.