On Thu, 1 Aug 2019 09:32:32 +0300 Reco <recovery...@enotuniq.net> wrote:
> On Wed, Jul 31, 2019 at 10:30:05PM -0400, Celejar wrote:
> > > > > > > You have authentication frames that can be intercepted (so WPA
> > > > > > > passphrase can be bruteforced).
> > > > > >
> > > > > > Lots of things (such as TLS, ssh) can theoretically be brute forced -
> > > > > > the question is whether such brute forcing is sufficiently practical to
> > > > > > be a threat. I have seen nothing to indicate that properly configured
> > > > > > WPA2 can be realistically brute forced.
> > > > >
> > > > > For WPA2 it's not that hard really, assuming pre-shared key usage.
> > > > > Can be expensive (all those videocards and ASICs have their cost), but
> > > > > definitely doable.
> > > >
> > > > I'd be interested in seeing some real-world studies, or simply just a
> > > > mathematical analysis of how much hardware would be necessary to crack
> > > > a good WPA2 password. I've seen lots of sites explaining how to use
> > > > hashcat with a GPU, and various real-world tests on lists of hashed
> > > > passwords (e.g., [1]), but can you provide a serious analysis of the
> > > > practical cost, in time or hardware, of cracking a real-world WPA setup?
> > >
> > > Cost - Amazon will take 11c per hour for that VM that comes with NVIDIA
> > > Tesla videocard.
> > > Said hour is more than enough to bruteforce 8 character WPA passphrase
> > > with hashcat.
> >
> > Yes, and who said anything about using 8 character passphrase? How
> > about the cost of cracking a 16 character passphrase? Or a 60 character
> > one?
>
> Each extra character in WPA passphrase adds roughly two orders of
> magnitude to the bruteforce time.
> So you cheat. Dictionary attacks, Markov chain attacks, assumptions on
> the characters used in passwords - all that really lowers bruteforce
> time.

But none of that will help if the passphrase is properly (randomly) chosen.

Celejar
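
The keyspace arithmetic behind the thread's "orders of magnitude per character" point, as an added example that is not part of any poster's message: it sizes a uniformly random WPA2 passphrase against an exhaustive search. The guess rate is a caller-supplied assumption, not a measured benchmark, and the figures do not apply to human-chosen passphrases, which dictionary and Markov attacks shortcut.

```python
import math
import string

# WPA2-PSK passphrases are 8..63 printable ASCII characters.
MIN_LEN, MAX_LEN = 8, 63
# letters + digits + punctuation + space = 95 printable ASCII characters
PRINTABLE = len(string.ascii_letters + string.digits + string.punctuation) + 1
SECONDS_PER_YEAR = 365.25 * 86400


def _check_length(length):
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError("WPA2 passphrase must be 8..63 characters")


def entropy_bits(length, alphabet=PRINTABLE):
    """Entropy of a passphrase drawn uniformly at random from `alphabet`."""
    _check_length(length)
    return length * math.log2(alphabet)


def orders_per_char(alphabet=PRINTABLE):
    """Decimal orders of magnitude each extra random character adds."""
    return math.log10(alphabet)


def expected_years(length, guesses_per_sec, alphabet=PRINTABLE):
    """Average exhaustive-search time (half the keyspace) in years.

    guesses_per_sec is an assumption supplied by the caller."""
    _check_length(length)
    return alphabet ** length / 2 / guesses_per_sec / SECONDS_PER_YEAR


def min_random_length(target_years, guesses_per_sec, alphabet=PRINTABLE):
    """Shortest random passphrase whose average search time meets the target."""
    for n in range(MIN_LEN, MAX_LEN + 1):
        if expected_years(n, guesses_per_sec, alphabet) >= target_years:
            return n
    return None  # not reachable within the 63-character limit


if __name__ == "__main__":
    rate = 1e9  # hypothetical attacker rate in guesses per second
    for n in (8, 12, 16, 20):
        print(n, f"{entropy_bits(n):.1f} bits", f"{expected_years(n, rate):.3g} years")
    print("min length for 1e6 years:", min_random_length(1e6, rate))
```

Restricting the alphabet (for example `alphabet=26` for lowercase only) shows how much extra length a smaller character set needs for the same margin.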