Wireless (Wi-Fi) Security Interview

René Pfeiffer/ August 20, 2012/ Discussion, Press, Security, Stories

Today we had a visit from an Austrian television crew to answer some short questions about wireless security. It’s too bad that journalists always look for “hackers” who “hack something”. While we had no idea what they were talking about, we delivered a short summary of wireless security. For most of you this is old news, but for a broad audience in front of TV sets it’s still a mystery. Usually no one really knows what the difference between WPA and WPA2 is. In addition you have WEP and WPS, and if you go in depth you have TKIP and AES, too. All of this sounds pretty intimidating. If you add some cinematic scenes, you can imagine the hero (or evil villain) discovering a wireless network, pressing some keys and gaining access mere seconds later. Defences have been breached, critical information will be accessed (that’s why you only have a single network and a single security measure) and you will be doomed (again, because you probably were from the start).

Security configurations will be different for your typical or atypical wireless network. WPA and WPA2 are widespread. WEP is barely in use (but you can still find some of these networks), so let’s forget about it. Everything that stands between your network and the evil overlord with his or her laptop parking in a van outside is the password (or passphrase) you use. It’s possible to use up to 63 characters. You should use a sufficiently long and random passphrase. 63 characters will be perfect; you can copy & paste the passphrase on real computers, and you can probably use QR codes for the hardware without proper keyboards (just make sure the malicious apps you have installed are not listening). The fewer characters you use, the more likely someone can guess your key. This is especially true for words or fragments thereof found in dictionaries. So please think of something else or use combinations.
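To put numbers on the passphrase advice above, here is an added example (not part of the original post) that generates a random 63-character passphrase, compares its entropy with short or dictionary-based choices, and builds the `WIFI:` text commonly encoded in Wi-Fi QR codes. The 94-symbol alphabet, the guess rate, the word-list size and the SSID `ExampleNet` are assumptions made for illustration.

```python
import math
import secrets
import string

# WPA/WPA2-PSK passphrases are 8 to 63 printable ASCII characters.
MIN_LEN, MAX_LEN = 8, 63
# Assumption: 94 printable symbols, space left out to avoid copy & paste trouble.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_passphrase(length=MAX_LEN):
    """Return a uniformly random passphrase drawn from the OS CSPRNG."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError(f"length must be between {MIN_LEN} and {MAX_LEN}")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy of a passphrase whose characters are chosen uniformly at random."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(bits, guesses_per_second):
    """Expected time to search half the key space at a given guess rate."""
    seconds = 2.0 ** (bits - 1) / guesses_per_second
    return seconds / (365.25 * 24 * 3600)


def wifi_qr_payload(ssid, passphrase):
    """Text to encode in a QR code so devices without keyboards can join."""
    def esc(value):
        # Backslash-escape the characters the WIFI: format treats as special.
        return "".join("\\" + c if c in '\\;,:"' else c for c in value)
    return f"WIFI:T:WPA;S:{esc(ssid)};P:{esc(passphrase)};;"


if __name__ == "__main__":
    rate = 1e9  # constructed guess rate, not a measurement
    for label, bits in [("8 lowercase letters", entropy_bits(8, 26)),
                        ("one word from a 100,000-word list", math.log2(100_000)),
                        ("63 random characters", entropy_bits(63))]:
        print(f"{label}: {bits:.1f} bits, {years_to_exhaust(bits, rate):.3g} years")
    print(wifi_qr_payload("ExampleNet", generate_passphrase()))
```

Feed the returned `WIFI:` string to any QR code generator that runs locally, so the passphrase never leaves the machine.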

Of course this is all irrelevant for enterprises for they have all implemented enterprise WPA/WPA2 and will never be compromised. Just to keep sarcasm short, they won’t, but that’s for one of the future interviews about infrastructure security.

Now you know what all of these Wi-Fi MacGyvers do – they brute-force keys. Once you have a lot of processing power (either in terms of CPUs or GPUs), trying lots of keys requires less time. Brute-forcing is best when done in parallel. This is where the Dreaded Cloud™ comes in. Clouds usually have lots of processors and can do parallel computing on their infrastructure. So you could write an app that scouts local Wi-Fi networks, captures relevant information for brute-forcing the keys and sends everything to the Cloud of your choice for trying millions of keys in a short time. We briefly talked about this, too, but for mere academic purposes. No one would ever use the Cloud for Evil, don’t you think?

We left out using superencryption and other arcane tricks since your typical home Wi-Fi network doesn’t use it. Enterprises would, but then we’d be back to sarcasm. ☺

As soon as we have an idea when and if the interview will be broadcast, we’ll send you a tweet.

About René Pfeiffer

System administrator, lecturer, hacker, security consultant, technical writer and DeepSec organisation team member. Has done some particle physics, too. Prefers encrypted messages for the sake of admiring the mathematical algorithms at work.