From what I'm reading online it seems that one can land attacks and successfully crack a WPA2-PSK wifi network. Is that true, and if it is, how can home users secure their networks? I have seen an application on Android that can reveal the wifi password even with WPA2, and it was not a trick.

I know that there is a vulnerability with WPS, even when using WPA2, but aside from that is WPA2-PSK really secure?

mohas
    Can you link to what you were reading, and the app used? As I understand it, WPA2-PSK is cracked by brute-forcing the password. In that case, just use a strong password. – ztk Nov 25 '15 at 20:55
  • [this](http://null-byte.wonderhowto.com/how-to/hack-wi-fi-cracking-wpa2-psk-passwords-with-cowpatty-0148423/) or [this](http://www.wirelessdomination.com/how-to-crack-wpa2-wifi-password-using-reaver-wpa2/) – mohas Nov 25 '15 at 21:29
  • The first link is for an offline brute-force, rainbow table attack (not an indication that WPA2-PSK is insecure), and the second is for WPS (a different technology that should simply be disabled on your router). – schroeder Nov 26 '15 at 04:52

3 Answers

There are two (main) modes in which to run WPA2. You can use enterprise mode or pre-shared key (PSK) mode.

If you run in enterprise mode you need to set up an authenticating RADIUS server, and configure certificates on the clients that will connect to the access point. Furthermore you need to configure the AP with all the relevant information. This level of effort is well beyond the abilities of a typical user.

WPA2-PSK mode uses a pre-shared key that both the client and AP know. This is the password, and simply using a password is within the technical abilities of most users. The password is never actually exchanged when a client connects to an AP. Instead there is a four-way handshake that occurs. Through this process the client can prove to the AP that it knows the PSK.

WPA2-PSK is not really insecure. Instead I would say it's vulnerable to a brute force attack. If an attacker can capture a four-way handshake (a trivial task) they can run that handshake through a dictionary in order to derive the PSK. This is the key part. Just like with normal password hashes, long, complex passwords are the key to making the brute force attack infeasible.

As a final note: WPA2-PSK networks are "salted" with the name of the AP. Rainbow tables exist with precomputed hashes for the most common AP names that exist (think "hilton-hhonors", "starbucks" etc). A way to get a unique salt (and thus defeat the rainbow table) is to have a unique AP name.

Edit: If you're curious what a "good" password length is if you have to use PSK, IEEE 802.11i (the amendment that details WPA2) says:

> A pass-phrase typically has about 2.5 bits of security per character, so the pass-phrase mapping converts an n octet password into a key with about 2.5n + 12 bits of security. Hence, it provides a relatively low level of security, with keys generated from short passwords subject to dictionary attack. Use of the key hash is recommended only where it is impractical to make use of a stronger form of user authentication. *A key generated from a pass-phrase of less than about 20 characters is unlikely to deter attacks.*\*

\*Emphasis mine. However, keep in mind 802.11i was published in 2004. Computing power has since changed. I would still agree, though, that 20 characters is pretty good.

KDEx
  • These are all good points, but the application I saw the other day was using a vulnerability, because it could find passwords within seconds. What are possible vulnerabilities a WPA2-PSK network would have, like using TKIP or leaving WPS on? – mohas Nov 25 '15 at 21:31
  • @mohas both tools you linked to attempt nothing novel. CowPatty is for precomputed hash tables and reaver is used for WPS, which is something you should just disable on your router – KDEx Nov 25 '15 at 21:37
  • Wouldn't most super-common public SSIDs not be using encryption at all? Rainbow tables would still perhaps be handy against the default SSIDs for consumer access points (wlap-ap, etc.) – Coxy Nov 26 '15 at 04:11
  • @Coxy your comment does not make sense. – schroeder Nov 26 '15 at 04:54
  • @Morgoroth would you make your answer complete by stating a good passphrase length to prevent brute force attacks from succeeding in a reasonable time? – mohas Nov 26 '15 at 07:56
  • @mohas added the edit in – KDEx Nov 26 '15 at 08:25

> I know that there is a vulnerability with WPS, even when using WPA2, but aside from that is WPA2-PSK really secure?

Define secure. In the general sense, if you have WPS disabled, are using a long PSK and avoid default SSIDs, you should be okay. Unless you have a reason to have your network targeted by an entity with resources to brute force your network, you will likely be more than safe enough.

There are a few things on the horizon that have promise for some increased security options. First, the Wi-Fi Alliance proposed WPA3 as a certification track to improve on WPA2. While WPA3 is not standards based (i.e. it is not based on an amendment to IEEE 802.11) and has several flaws, it shows there is interest in improving wireless security before WPA2 becomes irrelevant. I expect it to join WPA in the history books when replaced by a relevant standard, but just like WPA, take it for what it is, namely a non-standard attempt to improve on the previous wireless security standard.

Second, top enterprise wireless solutions are already shipping with the capability to define PSKs per device. This is not standardized and different vendors do it differently at present, but this means that cracking a PSK is less damaging and exploitation may be more noticeable (if a PSK is tied to a MAC address, cloning the MAC is possible, but will often result in connection problems for both devices attempting to use the MAC). When many vendors (who are heavily invested/involved in IEEE and WFA) tend to find value in a feature like this, it often becomes standardized and implementation can start trickling down to consumer devices.

Third, there is simply more discussion about WPA2 and whether it is secure, by users and media alike. While the IEEE currently doesn't have an 802.11 working group tasked with a security amendment, I would not be surprised if one is started in the next year or two.

> how home users can secure their networks?

  1. Disable WPS. The number one security vulnerability on home wireless networks is WPS.
  2. Keep device drivers and firmware up to date. This applies to both the AP/gateway device and to all wireless clients.
  3. Use a long PSK. 20+ characters is often considered enough, but most devices will accept a PSK up to 63 characters in length.
  4. Choose your SSID name with some thought.
    • You want to avoid using something too common as it is used along with your PSK to generate your encryption. Common SSIDs can have pregenerated hash tables to compare against.
    • You want to avoid using an SSID that is too uncommon. If your SSID is too unusual, it can potentially be used as a means of locating your home. There are a number of publicly available online databases that contain information (often including coordinates) that can be queried.
YLearn
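
The derivation that KDEx's answer ("salted" with the name of the AP, about 2.5n + 12 bits of security) and point 4 of the answer above (common SSIDs have pregenerated hash tables) both rest on, as an added example that is not code from either answer: the WPA2 passphrase-to-PSK mapping defined in IEEE 802.11i Annex H, which is PBKDF2-HMAC-SHA1 over the passphrase with the SSID as the salt, 4096 iterations, 256-bit output. The block checks itself against the known-answer vector published in the standard (passphrase `password`, SSID `IEEE`), shows that the same passphrase yields different keys under different SSIDs, and applies the 2.5n + 12 estimate to a guess rate that is an assumed, illustrative parameter, not a measurement.

```python
import hashlib

# IEEE 802.11i, Annex H.4: PSK = PBKDF2(HMAC-SHA1, passphrase, ssid, 4096 iterations, 256 bits).
PBKDF2_ITERATIONS = 4096
PSK_LEN_BYTES = 32

# Known-answer test vector from 802.11i Annex H.4 (published, not constructed).
KAT_PASSPHRASE = "password"
KAT_SSID = "IEEE"
KAT_PSK_HEX = "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"


def wpa2_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit PSK (the PMK behind the four-way handshake) from passphrase and SSID.

    The SSID is the only salt, which is why a common AP name lets a table of
    precomputed PSKs be reused, and a unique AP name makes that table worthless.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 printable ASCII characters")
    return hashlib.pbkdf2_hmac(
        "sha1",
        passphrase.encode("ascii"),
        ssid.encode("utf-8"),
        PBKDF2_ITERATIONS,
        PSK_LEN_BYTES,
    )


def estimated_security_bits(passphrase: str) -> float:
    """The 802.11i rule of thumb quoted above: about 2.5 bits per character plus 12."""
    return 2.5 * len(passphrase) + 12


def years_to_exhaust(passphrase_len: int, guesses_per_second: float) -> float:
    """Years to try every key the 2.5n + 12 estimate allows at an assumed guess rate.

    The rate is a parameter because PBKDF2 throughput depends entirely on the
    hardware doing the guessing; nothing here measures it.
    """
    keyspace = 2 ** (2.5 * passphrase_len + 12)
    return keyspace / guesses_per_second / (365.25 * 24 * 3600)


def ssid_changes_psk(passphrase: str, ssid_a: str, ssid_b: str) -> bool:
    """True when the same passphrase gives different PSKs under two SSIDs,
    i.e. a table precomputed for ssid_a cannot be applied to ssid_b."""
    return wpa2_psk(passphrase, ssid_a) != wpa2_psk(passphrase, ssid_b)


def known_answer_test_passes() -> bool:
    """Check the derivation against the standard's own test vector."""
    return wpa2_psk(KAT_PASSPHRASE, KAT_SSID).hex() == KAT_PSK_HEX


if __name__ == "__main__":
    print("802.11i known-answer test:", "pass" if known_answer_test_passes() else "FAIL")
    # Constructed values: a default-looking SSID next to a renamed one.
    print("renaming the SSID changes the PSK:",
          ssid_changes_psk("correct horse battery", "linksys", "my-renamed-ap"))
    assumed_rate = 1e6  # assumed guesses per second, for illustration only
    for n in (8, 12, 20):
        print(f"{n:2d} chars: ~{estimated_security_bits('x' * n):.0f} bits, "
              f"{years_to_exhaust(n, assumed_rate):.3g} years at {assumed_rate:.0e}/s")
```

Two points fall out of running it: the PSK is fixed by passphrase and SSID alone, so an attacker who has captured a handshake can precompute PSKs for a popular SSID once and reuse them, which is what the "avoid default SSIDs" advice defends against; and under the standard's own estimate, each extra character buys 2.5 bits, so the jump from 8 to 20 characters multiplies the search space by about 2^30, which is why 20+ characters is the commonly quoted floor.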

I have done wireless pentesting, and I recommend using strong passwords for WPA2-PSK and changing them every now and then.

A strong password will make it harder to brute force the password after capturing the 4-way handshake.

You should also, as a home user, disable WPS, which according to what I saw is being used everywhere.

Using WPA2-Enterprise will not be as helpful as people think unless you have a valid server certificate and set the clients to verify the server certificate.

You could enable things like hidden SSID and MAC filtering, but those as well will be an easy task to get past and bypass.

P3nT3ster