WPA2 Wireless Security Crackable WIth "Relative Ease" 150
An anonymous reader writes "Achilleas Tsitroulis of Brunel University, UK, Dimitris Lampoudis of the University of Macedonia, Greece and Emmanuel Tsekleves of Lancaster University, UK, have investigated the vulnerabilities in WPA2 and present its weakness. They say that this wireless security system might now be breached with relative ease [original, paywalled paper] by a malicious attack on a network. They suggest that it is now a matter of urgency that security experts and programmers work together to remove the vulnerabilities in WPA2 in order to bolster its security or to develop alternative protocols to keep our wireless networks safe from hackers and malware."
this is not news (Score:5, Interesting)
This sounds like the classic de-auth, handshake capture, then brute force attack.
It's still a bitch to crack without G.O. resources. Moxie has a service that will try for you...
Re:EAP? (Score:5, Interesting)
Can't tell what exactly the paper is about due to a paywall and the fact that the article was written by someone not very techincal.
EAP-TTLS, as long as you are validating the server certificate, is pretty safe. Safer with a locally managed CA and installed client cert, but at least as safe as the web browsing you'll be doing on it after connecting anyway. The safety advantage to WPA-Enterprise over WPA-PSK is mainly due to the fact that you don't have to distribute the same easily-cloned PSK to every client. In addition, if installing and validating client certificates (not the usual mode for EAP-TTLS) they can be locked to specific user accounts. For keeping out the riff-raff they can be locked to MAC addresses as well but that only serves to ban the amateurs.
Re:EAP? (Score:5, Interesting)
I understand this is about recovering the PSK. This would mean that authentication using a certificate, such as EAP-TTLS is still safe. Correct?
I would say in practice "enterprise" password authentication via TLS (PEAP-* and TTLS-*) is the least secure authentication method for the simple reason virtually no client is configured properly to validate both certificate and identity.
The end result TLS is effectively subject to MITM attack for the overwhelming majority of clients...leaving squishy inner PEAP/TTLS authentication protocol (all completely worthless)
In my view EAP-TLS with mutual certificate authentication is still the most secure authentication option available.
Stanford's SRP protocol would be awesome to protect WPA passwords I believe it could be implemented with minimal changes to existing TLS stacks ... simply do TLS-SRP via EAP-TLS EAP method instead of the cert auth ... you get secure password authentication without the offline attack vector, or having to implement a new EAP method from scratch.