
WPA/WPA2 & gpu cracking

Date post: 17-Dec-2015
Upload: hector-julio
Description:
WPA security info + gpu cracking
WPA / WPA2 & GPU attack Héctor Julio INFO-F514 - Protocols, cryptanalysis and mathematical cryptology ULB
Transcript
  • WPA / WPA2 & GPU attack

    Héctor Julio

    INFO-F514 - Protocols, cryptanalysis and mathematical cryptology ULB

  • WHAT IS WPA?

    Security protocol

    Authentication

    Encryption

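  • WEP / WPA / WPA2

    |                  | WEP                             | WPA                           | WPA2                          |
    |------------------|---------------------------------|-------------------------------|-------------------------------|
    | Encryption       | RC4                             | RC4 (TKIP)                    | AES                           |
    | Key rotation     | None                            | Dynamic session keys          | Dynamic session keys          |
    | Key distribution | Manually typed into each device | Manual/automatic distribution | Manual/automatic distribution |
    | Authentication   | WEP key                         | 802.1X                        | 802.1X                        |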

  • RC4

    RC4 is deprecated (but is not considered totally broken)

  • RC4

    WEP: concatenates root key + IV

    TKIP: implements key mixing function before RC4

  • TKIP

    MIC: Message Integrity Check

    MSDU: MAC service data unit

  • IS WPA VULNERABLE?

    2 kinds of vulnerabilities:

    Read the data (decrypt the packets)

    Get the authentication key - PSK (domestic networks)

  • IS WPA VULNERABLE?

    Decrypting packets

    You need the PSK in order to decrypt packets

    You can choose strong protocols

    You can use WPA2 with AES

  • IS WPA VULNERABLE?

    Getting the PSK

    The handshake is the most critical point: it is where the PSK is used

    If you have the 4-way handshake you can brute-force the PSK

    It doesn't mean that WPA/WPA2 is broken

  • 4 WAY HANDSHAKE

    PMK = PSK + SSID + SSID length
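
The slide's formula corresponds to the standard WPA-PSK key derivation: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID as salt, 4096 iterations, 256 bits). The following Python is an added example, not part of the original slides; the function names and the sample passphrase and SSIDs are constructed for illustration.

```python
import hashlib
import string

PBKDF2_ITERATIONS = 4096   # fixed by the WPA/WPA2-PSK key derivation
PMK_LENGTH = 32            # 256-bit pairwise master key


def derive_pmk(secret: str, ssid: bytes) -> bytes:
    """Return the PMK a station or access point computes from the PSK."""
    if len(ssid) > 32:
        raise ValueError("SSID is limited to 32 bytes")
    # A 64-hex-digit secret is a raw 256-bit PSK and is used as the PMK as is.
    if len(secret) == 64 and all(c in string.hexdigits for c in secret):
        return bytes.fromhex(secret)
    # Anything else is a passphrase: 8..63 printable ASCII characters.
    if not 8 <= len(secret) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters long")
    if any(not 32 <= ord(c) <= 126 for c in secret):
        raise ValueError("passphrase must be printable ASCII")
    # The SSID is the salt, so the same passphrase yields a different PMK on
    # every network name, and each guess costs 4096 HMAC-SHA1 iterations.
    return hashlib.pbkdf2_hmac("sha1", secret.encode("ascii"), ssid,
                               PBKDF2_ITERATIONS, PMK_LENGTH)


def same_passphrase_different_networks(passphrase: str, ssids: list) -> dict:
    """Map each SSID to the hex PMK derived from one shared passphrase."""
    return {ssid: derive_pmk(passphrase, ssid).hex() for ssid in ssids}


if __name__ == "__main__":
    # Constructed sample values, not taken from the slides.
    table = same_passphrase_different_networks(
        "correct horse battery", [b"HomeNet", b"HomeNet-5G"])
    for ssid, pmk in table.items():
        print(ssid.decode(), pmk)
```

Because the SSID salts the derivation, a factory-default network name shared by many routers weakens an otherwise unchanged passphrase: precomputed work for that name applies to all of them.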

  • Combinations (always use symbols!)

    | Available characters (English language) | Possible passwords, two characters | Possible passwords, four characters | Possible passwords, six characters |
    |-----------------------------------------|------------------------------------|-------------------------------------|------------------------------------|
    | Lower-case                              | 676                                | 456.976                             | 308.915.776                        |
    | Lower- and upper-case                   | 2.704                              | 7.311.616                           | 19.770.609.664                     |
    | Lower-case, upper-case, and numbers     | 3.844                              | 14.776.336                          | 56.800.235.584                     |
    | All (printable) ASCII characters        | 8.836                              | 78.074.896                          | 689.869.781.056                    |

  • Total search time assuming 5000 WPA passwords/second (Intel i5-2500K w/ 4 cores, 3.3 GHz)

    | Search time                         | Passwords between 1 and 4 characters | Passwords between 1 and 6 characters | Passwords between 1 and 8 characters | Passwords between 1 and 12 characters |
    |-------------------------------------|--------------------------------------|--------------------------------------|--------------------------------------|---------------------------------------|
    | Numbers                             | Instant                              | 4 minutes                            | 6.5 hours                            | 7.5 years                             |
    | Lower-case                          | 2 minutes                            | 18 hours                             | 1.5 years                            | 662263 years                          |
    | Alphanumeric (including upper-case) | 52 minutes                           | 140 days                             | 1481 years                           | Age of the universe*                  |
    | All (printable) ASCII characters    | 5 hours                              | 5 years                              | 48644 years                          | Age of the universe*                  |

    * 13 billion years

  • GPU ATTACKS

    Why GPUs?

    A GPU has a lot of cores (hundreds).

    Each core can compute one 32-bit arithmetic operation per clock cycle.

    GPUs work well with extreme parallelism (the same instructions applied to different data), and that is the GPU's advantage for hashing.

  • Total search time using GPU (Pyrit in GNU/Linux, WSA in Windows)

    | Search time                   | Passwords between 1 and 6 characters (alphanumeric) | Passwords between 1 and 8 characters (alphanumeric) |
    |-------------------------------|-----------------------------------------------------|-----------------------------------------------------|
    | Nvidia GeForce GTX 460 1 GB   | 35 days (Pyrit w/ CoWPAtty)                         | 368.9 years (Pyrit w/ CoWPAtty)                     |
    | Nvidia GeForce GTX 590        | 11.6 days (Pyrit w/ CoWPAtty)                       | 122.5 years (Pyrit w/ CoWPAtty)                     |
    | 2 x Nvidia GeForce GTX 590    | 6.5 days (WSA)                                      | 68.66 years (WSA)                                   |
    | AMD Radeon HD 6850            | 20.4 days (WSA)                                     | 214.75 years (WSA)                                  |
    | AMD Radeon HD 6990            | 5.88 days (WSA)                                     | 62.24 years (WSA)                                   |
    | 2 x AMD Radeon HD 6990        | 3.08 days (Pyrit w/ CoWPAtty)                       | 32.97 years (Pyrit w/ CoWPAtty)                     |

  • GPU CLOUD SERVICES

    Amazon Web Services

    NIMBIX

    Peer1 Hosting

    Penguin Computing

    RapidSwitch

    SoftLayer

  • Time & cost using GPU EC2 instances (Amazon)

    | Total time at 1 million WPA passwords/second | Passwords between 1 and 4 characters | Passwords between 1 and 6 characters | Passwords between 1 and 8 characters | Passwords between 1 and 12 characters |
    |----------------------------------------------|--------------------------------------|--------------------------------------|--------------------------------------|---------------------------------------|
    | Numbers                                      | Instant (estimated cost: $0.74)      | Instant (estimated cost: $0.74)      | 2 minutes (estimated cost: $0.74)    | 12.75 days (estimated cost: $226)     |
    | Lower-case                                   | Instant (estimated cost: $0.74)      | 5 minutes (estimated cost: $0.74)    | 2.5 days (estimated cost: $44.40)    | 3147 years                            |
    | Alphanumeric (including upper-case)          | Instant (estimated cost: $0.74)      | 16 hours (estimated cost: $11.84)    | 7 years                              | 103 981 388 years                     |
    | All (printable) ASCII characters             | 2 minutes (estimated cost: $0.74)    | 9 days (estimated cost: $159.84)     | 231 years                            | Age of the universe                   |
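
To turn the search-time tables above into a passphrase policy check, the following added Python example (not part of the original slides) computes the exhaustive-search keyspace and the minimum length needed to outlast a chosen number of years at the slides' two guess rates. It generalizes the tables to arbitrary lengths; the function names, the 100-year target and the 365-day year are assumptions.

```python
SECONDS_PER_YEAR = 365 * 24 * 3600
WPA_MIN_PASSPHRASE = 8   # WPA/WPA2 passphrases are 8..63 characters

# Alphabet sizes behind the slide's "Combinations" table (e.g. 94**2 == 8836).
ALPHABETS = {"numbers": 10, "lower-case": 26,
             "alphanumeric": 62, "printable ASCII": 94}


def keyspace(alphabet: int, max_len: int, min_len: int = 1) -> int:
    """Count every candidate with min_len..max_len characters."""
    return sum(alphabet ** n for n in range(min_len, max_len + 1))


def worst_case_years(alphabet: int, max_len: int, rate: int) -> float:
    """Years to try the whole 1..max_len keyspace at `rate` guesses/second."""
    return keyspace(alphabet, max_len) / rate / SECONDS_PER_YEAR


def min_length(alphabet: int, rate: int, target_years: int) -> int:
    """Shortest length whose exhaustive search exceeds target_years."""
    budget = rate * target_years * SECONDS_PER_YEAR  # guesses affordable
    length, total = 0, 0
    while total <= budget:
        length += 1
        total += alphabet ** length
    # Never recommend less than the protocol's own minimum.
    return max(length, WPA_MIN_PASSPHRASE)


def policy_report(rate: int, target_years: int) -> dict:
    """Minimum passphrase length per alphabet for a given guess rate."""
    return {name: min_length(size, rate, target_years)
            for name, size in ALPHABETS.items()}


if __name__ == "__main__":
    # Rates quoted on the slides: 5000/s (CPU) and 1 million/s (EC2 GPU).
    for rate in (5_000, 1_000_000):
        print(rate, policy_report(rate, target_years=100))
```

These figures cover exhaustive search only; a passphrase that appears in a wordlist falls far sooner than its length suggests.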

  • CONCLUSIONS

    Don't use RC4

    WPA is not broken but WPA2 is much better

    Use enterprise / RADIUS networks if you can

    Use a long PSK with alphanumeric characters (as we saw a few slides ago)

  • SOURCES

    On the Security of RC4 in TLS and WPA: http://www.isg.rhul.ac.uk/tls/RC4biases.pdf

    4 way handshake flow: http://kimiushida.com/bitsandpieces/articles/flow_diagram_wpa-psk_4-way_handshake/flow_wpa-psk_4-way_handshake.png

    GPU cloud services: http://www.nvidia.com/object/gpu-cloud-computing-services.html

    Wi-Fi security WEP, WPA and WPA2: http://www.hsc.fr/ressources/articles/hakin9_wifi/hakin9_wifi_EN.pdf

    Wi-Fi Security: Cracking WPA With CPUs, GPUs, And The Cloud: http://www.tomshardware.com/reviews/wireless-security-hack,2981-7.html

    TKIP: https://msdn.microsoft.com/en-us/library/windows/hardware/ff570952%28v=vs.85%29.aspx
