WPA PSK Cracking, a case for strong authentication

WPA PSK Cracking, a case for strong authentication

Summary: Last week, you may have read the headline "WPA Cracked!" or something to that effect.


Last week, you may have read the headline "WPA Cracked!" or something to that effect. Just to clear things up now, it is not the overall standard that has been "cracked" but the simpler implementation of WPA called WPA PSK (Pre-Shared Keys). This really wasn't a surprise to the security community due to the general nature of PSK implementations, the difference now is that a weaponized form of this exploit has been released in to the wild. In actuality, two WPA Cracking tools were independently released last week. One toolcame from Takehiro Takahashi (a student at Georgia Tech) and the other tool came from Joshua Wright (author of ASLEAP). Both tools clearly illustrate the futility of the reliance on passwords or passphrases for authentication.

The WPA standard itself is fairly broad and covers Wireless LAN security for both the Enterprise and Home environments. PSK mode was really designed for the Home and Home Office environment where it was very unlikely that an Authentication infrastructure is in place to support a strong authentication protocol such as PEAP or TTLS. Well all that may change thanks to a very creative group from the College of Computing at Georgia Tech who formed TinyPEAP. The original group was comprised mainly of 2 recent alumni Brian Lee and Jim Gruen along with the guidance of Dr. Wenke Lee and Dr. Richard Lipton. Recently, they've added Takehiro Takahashi (mentioned above) to the teamwho is near graduation himself fromGeorgia Tech. TinyPEAP is a prototype Authentication server that is currently being tested as a plug-in on Linksys Wi-Fi gear. Rather than being satisfied with WPA PSK mode which has now beenprovento be susceptible to dictionary attacks, TinyPEAP allows the home user to implement the same type of strong security that was once exclusive to the Enterprise.I'll be keeping a close eye on this very exciting product and I'll be giving them lots of suggestions and feedback on this project so stay tuned!

Topic: Wi-Fi

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • Tiny Peap on Linksys 4400N

    Can you tell me how I would run this on a Linksys 4400N wireless router.
    Do tou have step by step for people who are busy.
    What hardware do I need beside a router?
    Do I need a server or stand alone pc. What OS ?
    What are basic entries needed for a small network of 5 -15 devices.
    How do you obtain and adminstrate security certificates.
    How are they made to work in conjunction with TINY PEAP.

    IF you put this in a set by step doc. More people will adopt it.