State of the Art in WPA/WPA2 Passphrase Cracking – Part 1

In my previous article in this series on mobile security, we discussed that the primary technique for getting access to a network secured by a WPA/WPA2 pre-shared key (the most common type, frequently used at home and for corporate guest networks) relies upon methodically guessing the passphrase. (By the way, there is another type of attack that goes after the PIN for Wireless Protected Setup, which we’ll discuss in the future).

So what’s involved to attack the passphrase?

1)      A test to verify if you’ve found a correct value or not. In order to avoid detection, one can’t use the actual target. In order to test millions of values to find a match, a method of offline testing is necessary.

2)      A methodology to guess passphrases. The worst case scenario is to brute force the passphrase, namely trying every single possible combination of numbers and characters until a correct value is found. This can produce a correct result given enough time and computing power, but there are much faster ways to take educated guesses without having to resort to brute force. By using educated guesses on possible passphrase candidates, the attacker can scan a much shorter list.

In the early days of password cracking, a UNIX system admin had knowledge of the password hash value and the system’s hash function. The admin has no way to “decrypt” the passphrase, since the original plaintext is not recoverable from a hash. However, by taking a list of words and testing them in the hash function, the admin could determine if the result matched what was stored in the user’s account. So while the passphrase can’t be decrypted, it is possible to find if a given input produces a correct result. With the addition of more computing power, the admin could try longer word lists, as well as try a number of variations of each word before having to try brute forcing. System admins responded to weak passphrases by introducing rules to add complexity (minimum number of characters, mix of alphanumeric characters and symbols) as well as reduce the lifespan of a given passphrase (i.e. password change rules).

In the attack scenario, the hacker could not try authenticating with millions of different password values. The account would be locked out after a small number of incorrect attempts, and it would be obvious to a system admin that there was suspicious activity occurring. In order to perform offline attacks, the attacker still needed to get the password hash values, and thus required some method of getting in the system to extract the hash values prior to making any attempt to break weak passwords. Thus even weak passwords had some element of protection from being easily exploited.

Now let’s think about all of this applies to the WPA/WPA2 passphrases used in the wireless network security. The limitations that would otherwise strengthen the passphrase start to disappear:

1)      The material needed to test possible passphrases does not require access to the protected environment. The attacker can obtain everything they need without having to access the network at all.

2)      Home wireless networks are typically set up for convenience rather than security, so simple passphrases are chosen in favor of more complicated ones.

3)      Changing the wireless passphrase requires manually changing the settings of every connected device. In general, most people will not change their passphrase on a regular basis.

The types of devices that connect to the wireless network are diverse. It’s no longer just laptops that are connecting, but rather entire families of devices that have no keyboard at all, such as mobile devices, tablets, video game systems and smart TVs. Indirectly, this creates even greater pressure to choose very simple passphrases, because it very time consuming and frustrating to input even simple passphrases on many devices without keyboards.

For example, my Blu-Ray player has support for Wi-Fi, and it requires entering the passphrase on a remote control using the directional buttons on a virtual keyboard that appears on the screen. Entering a capital letter requires activating the shift button, moving over to the correct letter, and then deselecting the shift button to enter the next letter. Mistype a character, and one has to cursor over to the delete button on the keyboard, since there isn’t a delete key on the remote control.

It’s not a process that someone would want to do repeatedly. It not something people would want to do on multiple devices, because each device has a different interface.

As a result, a wireless passphrase is much less likely to be something that looks like $UcD)*@Ecx and much more like julia76. The former would most likely require brute forcing, while the latter could be broken through a dictionary attack.

With weak passphrases more common and less frequently changed, in the upcoming posts in this series, I’ll cover the details about how password cracking is advancing from the methodology standpoint, using both improvements in technology as well as the understanding of human behavior.