# Wireless security - Page 4


## Re: Wireless security

The arguments for security vs. practicality are all nice, but if you have a
business that has ANYTHING sensitive being transmitted over the air, DO
NOT use WEP.  It is trivial to break - trust me.

WPA with a password (WPA-PSK) can be brute-forced by an entity with
use a radius server with WPA.  Most of your cards probably support this
with a driver and/or firmware update, and win XP with SP2 has the
software for connecting securely to a radius server with WPA.

MAC filtering is useless, as anyone who knows what they are doing can
bypass this, as you don't even need to crack encryption to see the MAC

Hope this helps,

John Hyde wrote:

## Re: Wireless security

on 10/26/2005 4:55 PM ShadowEyez said the following:

Yeah, I got that message loud and clear.

So, in a brute force attack, how long does it take to try each possible
permutation?  Surely this is a matter of sending each permutation to the
wireless access point and having it accepted or rejected. So how many
can you try a second?  I assume the limitation is not processor speed,
but the turn around time for the wireless nodes to attempt a connection.
I have no concept of how long it would take an attacker.  I know that
when my laptop attempts to connect to a wireless, it takes a few
seconds.  Some of that time is also negotiating the rest of the
connection, so how long is spent up to the point of a WPA password being
accepted or rejected?  This really is the question for whether a
password can be brute forced in the real world.

If I understand the math correctly, a password made up of 5 "diceware"
words (from a dictionary of 7,000 right?) would have 7,000^5 =

If you can do 10 a second, that works out to 315 million tries a year
(3.15*10^8) so it will take about 10 million years.

On the other hand, if you could transmit one attempt each clock cycle of
the sending computer (I assume bus speed, not cpu speed) say 333 MHz,
then the tries per year is 1.05*10^16.  It would still take 2,000 years
to try all the permutations, but someone might consider this a possibility.

Of course, if the attacker does not know that they are attacking a
Diceware passphrase, then they'll have to try all the alphanumeric
combinations of the same length (Diceware words are 5 letters, right?)
so upper and lower case, numbers and the symbols over the numbers only

So, 26 letters, upper and lowercase, that's 52, 10 numbers and 10
symbols and a 25 character password.  Uh that would be 72^25 or
2.71*10^46.  So, even if you can send one attempt a clock cycle (which I
doubt)  then it will take you 10^30 years.

But perhaps "brute force" means something else.  I'm certainly no
cryptographer. (And not much of a mathematician either).

Well, that was one of my questions, "is the MAC encrypted by WEP?"  I
guess this would be a "NO."  Still, I would not say MAC filtering is
totally useless.  At least it forces an attacker to wait around until I
connect to see what an acceptable MAC address is.  Not much of a burden,
but it prevents a "drive by."

## Re: Wireless security

[WPA-PSK]

This depends on the entropy your passphrase has. So better use enough
entropy.

Wrong. A dictionary attack any sensible attacker will do first, because
it's likely that words are used, and it can be done without extra costs
before a brute force attack.

Yes, it will be a "No" ;-)

There are only 2^48 possible MAC addresses. And many of them are reserved.
And the manufacturers have fixed address ranges for their NICs.

Yours,
VB.
--
"I am a free man and will now make use of my civil liberties - and
extensively so - naturally only within the scope that Otto Schily still
leaves at my disposal."
Wolfgang Clement on 10.10.05, while still "super-minister"

## Re: Wireless security

John Hyde wrote:

WPA is dependent on CPU speed, and here's why.  When attacking WPA with
programs like Aircrack or COWpatty, the attacker first captures the
4-packet association that WPA always does.  With WPA2 they optimized it
to 3 packet - same in principle but no common software tries to crack
WPA2 AFAIK - this does not mean it's hard to do for a good programmer.

From what I understand WPA's 4-packet association has a
challenge-response in it of a Pre-Shared Key that is hashed (calculated)
using the user-supplied password and the ESSID (name) of the network.
Once the attacker has the captured packets (usually in a .cap file)
(s)he runs the program which basically calculates the hash from the
essid and every password in his/her dictionary.

Paranoia says if a really good attacker wanted to, (s)he could make a
program to go through every combination of pre-shared key (which is 64
HEX digits, so 0-9 and A-F), not even attempting passwords but would get
any possible key, which would take a _long_ time.  Reality says use a
good password (not in a dictionary, I'm assuming you know the rules) and
you'll be fine.

As a point of reference, I have a 3 GHz intel CPU which can go through
around 120 passwords/sec on aircrack.  I shudder to think what NSA or
even a big/well funded company can do with mainframes and clusters of
servers ;-)

Think of it like this - if someone wanted in and could get through WPA,
do you really think MAC filtering would slow them down ;-)

## Re: Wireless security

[snip]

[snip]

In this respect I believe you should know what kind of adversary you are
trying to prevent from accessing your network.

For your usual neighbours, WEP might be sufficient.
If the adversary is more skilled, WPA(2) could pose a barrier that most
people/organizations won't be able to break.
If the adversary is the NSA (or similar) I don't think you should have to
worry about wireless security in the first place.

So first estimate the value of your data, the risk of attacks and the costs
(in the larger meaning) of a successful attack.
This way you might be able to decide that for a small office WPA with a
pre-shared key might be sufficient, considering that installing RADIUS might
be too much of a burden. Ensure your servers are sufficiently secure. Maybe
you should ensure the wireless network has no access to (some of) them.

Of course if you don't have the technical possibilities of implementing WPA,
you should at least try to provide the maximal security that is possible,
meaning WEP. There might be legal reasons to do so. You should verify this,
but I believe in some/most countries you must provide security measures that
are reasonable for what you are protecting.

- Joris

## Re: Wireless security

on 10/30/2005 9:00 AM ShadowEyez said the following:

Uh, I think they'd be better off with passwords.  The math on those
permutations:  16 hex digits, 64 in length = 16^64 = 1.15*10^77. If I
were buying the CPU time, I'd take 10^46 any day.)

Ok, that's an interesting data point.  Note my "one try per clock cycle"
example above.  Here's that math:

333 MHz = 333,000,000 cycles per second.
333,000,000 * 3600 (sec/hour) = 1.19*10^12 or 1.19e12
1.19e12 * 24 (hour/day) = 2.87e13
2.87e13 * 365 (day/year) = 1.05e16.
If you assume that you can get one try per clock cycle, then this is the
number of tries per year.  To figure the number of years, you can
divide, but it's close enough to just subtract exponents.

That's where the "10^30 years" came from (1.0e30).

So how can a well funded company do?  Assume from your example that they
have software/hardware that is 10 times as fast = 1200 passwords/sec.
They will need 277,500 such machines working together just to get to my
333 MHz range.

Naturally you can slice and dice this anyway you want.  Give me more
assumptions and I'll give you another ridiculous number of years (and
\$\$\$) to brute force my password.  Actually, I can give you a guaranteed
way to "crack" the passwords on my home network.  Calculate the cost to
run a server farm of 277,500 for even one year (make sure that you
include hardware, maintenance, etc. or a fair market lease rate), and
then pay me instead. (Cash only please, I'll be opening new bank
accounts)  Remember that even with that install, you are still looking
at 1.0e30 years, and I'll guarantee an answer in much less time. ;-)

Regards,
JH

## Re: Wireless security

One try per clock cycle is not even close to reality.  Depending on the
language the code is programmed in, how well the code is written, the
CPU speed and design, and the OS you're running, you're lucky if you can
get 150/sec with aircrack for WPA.  From what I've seen of the aircrack
code, each "try" involves hashing a chosen password with an ESSID with
the HMAC function, meaning there is a lot of overhead with each attempt.
If I get 120/sec with a 3.0 GHz, 3e9/120 = 25e6 (25 MHz) per try, not 1
Hz per try.

A paranoid person would say NSA has a back-door for both TKIP and AES
(the WPA and WPA2 algorithms).  Keep in mind the average time to crack a
password is statistically 1/2 the time it takes to "run through" all of
them.

A well funded company would probably have mainframes or clusters with
thousands of times more computational power than my laptop.  A big
company with competent programmers and enough computing power could
probably break through wireless-anything save WPA2 with EAP-TLS radius
and even then...

What a deal ;-)

Back to reality: my recommendation for most people is to pick a big long
password and use WPA2 if all your equipment supports it and WPA if not,
as setting up a radius server is not for everyone, and WPA support is on
most wireless stuff sold these days.
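The thread's two recurring points (John Hyde's keyspace arithmetic for Diceware, 72-symbol and 64-hex-digit passphrases, and ShadowEyez's observation that every guess costs a full passphrase+ESSID hash) can be checked with a few lines. This is an added example, not code from any poster or from aircrack; it uses the public 802.11i derivation (PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds) and all SSIDs and passphrases in it are constructed.

```python
"""Added example: per-guess cost of WPA-PSK derivation and years-to-exhaust estimates."""
import hashlib
import math
import time

SECONDS_PER_YEAR = 365 * 24 * 3600


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit PSK exactly as a WPA-PSK client does.

    PBKDF2 over the passphrase, SSID as salt, 4096 HMAC-SHA1 rounds, 32 bytes out.
    This is the work that sits behind every single guess the posters measured.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def guesses_per_second(ssid: str = "constructed-ssid", trials: int = 20) -> float:
    """Measure the single-core derivation rate on this machine (constructed inputs)."""
    start = time.perf_counter()
    for i in range(trials):
        wpa_psk(f"constructed-passphrase-{i}", ssid)
    return trials / (time.perf_counter() - start)


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of candidates: e.g. keyspace(7000, 5) for five Diceware words."""
    return alphabet_size ** length


def entropy_bits(keyspace_size: int) -> float:
    return math.log2(keyspace_size)


def tries_per_year(rate: float) -> float:
    """The '333 MHz, one try per cycle' figure: tries_per_year(333e6) ~= 1.05e16."""
    return rate * SECONDS_PER_YEAR


def years_to_exhaust(keyspace_size: int, rate: float) -> float:
    """Worst case (every candidate tried once); expected time is half of this."""
    return keyspace_size / tries_per_year(rate)


if __name__ == "__main__":
    rate = guesses_per_second()
    print(f"this machine: {rate:.0f} PSK derivations/sec")
    for label, space in [("Diceware 5 words", keyspace(7000, 5)),
                         ("72 symbols x 25", keyspace(72, 25)),
                         ("raw 64 hex digits", keyspace(16, 64))]:
        print(f"{label:18s} {entropy_bits(space):6.1f} bits "
              f"{years_to_exhaust(space, rate):.2e} years at measured rate")
```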

## Re: Wireless security

On 10/31/2005 4:28 PM, ShadowEyez wrote:

Well, of course.  I never really thought the "1 per" example was
realistic.  But it helps to make a point.  Your example is slower than mine.

Yes, and maybe they do and maybe they don't, but that's not "brute
force" is it?  And does not depend on computing power to solve.

Keep in mind the average time to crack a

Which means that the number of years has a pronounceable name.  What comes

I agree.  Perhaps a million times more?

A big

And even then, if your password is sufficiently random, and long enough,
then the million times more computing power reduces the time to brute
force from 10^30 to 10^24.  Using your figure for statistically 1/2 the
time to solution and it's 10^12 years.  Hey, a trillion, I really can
pronounce that!  I'll still be dead when they're done, but I can
pronounce it!

Oh, absolutely!  The reason that security gets compromised is because
the cypher is cracked (WEP), or compromised (NSA Backdoors?) or because
the users pick their dog's name as the password.  Basically if you can
find a way to pick strong passwords, that's one thing you don't have to

Cheers,

John

## Re: Wireless security

John Hyde wrote:

I think this point is clear... but what about quantum computers? Seems
to be really unlikely that NSA has some at the very moment :]... but
things can change, eh? I guess they'd be faster this way than guessing
this amount of years (as described above).

However, it will take some time till they get one (if they ever get one).
At least I hope so...

Cheers,
maTze