[AusNOG] WPA2 Wireless Security Crackable With "Relative Ease"

Serge Burjak sburjak at systech.com.au
Wed Apr 2 11:10:10 EST 2014


I have the paper. Digesting it now.

"Deauthentication and brute force attacks have been selected as our
proposed methodology"


Serge

On 24 March 2014 07:17, Greg <mclennan at internode.on.net> wrote:
>     I agree Glen. There is nothing new to add to already known flaws in the
> overall system.  Was there a pay per view for this journal/research review
> paper?  Maybe they must found the web site "https://www.cloudcracker.com/"
> and got an idea..
>
> Regards Greg
> ..
>
> On 23/03/2014 10:52 PM, Glen Turner wrote:
>
> Could someone explain to me what is new here?
>
> In their experiment, they carried out a brute force attack on the password
> protecting the WPA2 network and managed to succeed. According to their
> findings, the time needed to break into a system increases the longer the
> password used.
>
> The requirement for PSK keys to be long and random to resist brute forcing
> is well known.
>
> The weakest point, the researchers believe, is the de-authentication step
> involved in the wireless setup.
>
> As part of their security protocols, routers using WPA2 must reconnect and
> re-authenticate devices periodically and share a new key each time. The team
> points out that the de-authentication step basically leaves a backdoor
> unlocked albeit for a limited period. This period, however, could be long
> enough for a fast-wireless scanner and a determined intruder.
>
> The statement is "researchers believe" not "researchers have proven" or
> "researchers have demonstrated".
>
> The Abstract is in the modern style, selling the paper rather than
> explaining what the paper adds to the field.
>
> -glen
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>


More information about the AusNOG mailing list