Due to the computational complexity of the key derivation function and the use of the Wi-Fi’s SSID as cryptographic salt, brute force attacks are very hard to conduct in the presence of random passwords with increasing length. The Wi-Fi password needs to be at least 8 characters long and the key material is mainly derived through the salted key derivation function PBKDF2 in combination with the SHA1 hashing algorithm in HMAC configuration. The WPA2-Personal variant is designed for smaller networks and uses a pre-shared key (i.e., a Wi-Fi password) to derive the necessary key material for authentication, encryption and integrity protection. Today’s Wi-Fi networks are commonly protected with the well known WPA2 protocol defined in the IEEE 802.11 standard documents. In addition, we evaluated our approach with respect to performance and power usage and compare it to GPU-based systems. Since the currently fastest system is not only significantly slower but proprietary as well, we believe that we are the first to present the internals of a highly optimized and fully pipelined FPGA WPA2 password recovery system. In this paper, we present a highly optimized low-cost FPGA cluster-based WPA-2 Personal password recovery system that can not only achieve similar performance at a cost affordable by amateurs, but in comparison our implementation would also be more than 5 times as fast on the original hardware. Well known manufacturers such as Elcomsoft have succeeded in creating world’s fastest commercial FPGA-based WPA2 password recovery system, but since they rely on high-performance FPGAs the costs of these systems are well beyond the reach of amateurs. Professional attackers may thus turn to commercial high-end FPGA-based cluster solutions to significantly increase the speed of those attacks. While attackers typically use GPUs to speed up the discovery of weak network passwords, attacking random passwords is considered to quickly become infeasible with increasing password length. WPA2-Personal is widely used to protect Wi-Fi networks against illicit access.
0 Comments
Leave a Reply. |