nytt sätt att knäcka wpa2 ?

Thus far, WPA2 is considered to be amongst the most secure protocols. However it has several security vulnerabilities. Until now there has not been a complete and fully successful methodology capable of exposing the WPA2 security. This paper provides a novel way of successfully exposing WPA2 security issues by using a complete dictionary that generates all the possible printable ASCII characters of all possible lengths.

The 802.11i deauthentication process presentsa ‘flaw’ on its security system. During that process, clients (STAs) are forced to reconnect and re-authenticate to the correspondent AP, having as a result the capture of an instance of the preshared key. In the case of WPA/WPA2, during the deauthentication process the four way authentication handshake is revealed. The most secure protocols so far are the WPA/WPA2 ones. This is due to the fact that, even having an instance of the preshared key, one would require a dictionary attack, which would last from a few minutes to several weeks depending on the complexity of the key and the pluralism of words- records in the dictionary. The biggest advantage of WPA/WPA2 security protocols is security reliance on dictionary pluralism in words. As mentioned above, it is very difficult to expose the WPA/WPA2
security protocol, but not impossible. Even though, a considerable amount of time would be required. In order to accomplish that, in a relatively short period of time, the adversary should have a FPGA (instead of a computer), performing the whole procedure. The most efficient way to protect an 802.11i network is the use of WPA2, as the wireless security protocol, with a combination of MAC filtering. 256 bit is the strongest encryption so far. In addition,there is the possibility of changing the key periodically, which will increase the difficulty in adversaries’ attempts. It is indeed evident, that the aforementioned suggestions are not sufficient on their own,in achieving a desirable security standard. Hence, the adoption of the specific countermeasures-proposed in the ‘proposed scheme’ chapter, can improve the security standard of the network and make adversary hacking attempts more difficult.

By performing the calculations the complete dictionary would consist of 3.991929703310227E124 records. Thus, this procedure (that creates and searches the dictionary) will last several weeks using a simple computer, due to the required time which will be extremely high. At this point, it is obvious that a lot of time will be required to create a dictionary which will include all the different printable ASCII character sets of all the possible lengths. To achieve this in a shorter time, it is advisable to use a supercomputer or a computer cluster. An alternative to that would be to use an FPGA. In our experiment, case 3 failed due to the great length of time taken to find the secret key, resulting in the process being aborted in the end. The reason behind this was that password that was used was too complex and the correspondent dictionary did not have that word as a record. In case 9, which was as complex as case 3, the password existed asa record at the correspondent dictionary, resulting in the successful finding of the key. Inlight of this, it is clear that the successful finding of the key relies on the dictionary records. If the key is part of the dictionary then the procedure will be successful.