Linux Wifi Hacking

LINUX WIFI HACKING A GENTLE INTRODUCTION TO WIFI HACKING By INDERPREET SINGH


Page 1: Linux Wifi Hacking

LINUX WIFI HACKING

A GENTLE INTRODUCTION TO WIFI HACKING

By INDERPREET SINGH

Page 2: Linux Wifi Hacking

A Brief Overview

Wi-Fi has been around for more than 12 years -- originally, it lacked any form of security

Since 2001, Wireless Encryption Protocol (WEP) has been successfully attacked -- in 2007, it took no more than 90,000 packets to break keys (due to weaknesses in RC4) -- time to crack: less than 1 minute

Since 2004, Wi-Fi Protected Access (WPA & WPA2) has been introduced to address WEP's failure -- but even this is not quite enough for full security

Page 3: Linux Wifi Hacking

Wi-Fi Encryption Techniques

WEP

WPA

WPA2

Page 4: Linux Wifi Hacking

| Comparison | WEP | WPA | WPA2 |
|---|---|---|---|
| Name | Wired Equivalent Privacy | Wi-Fi Protected Access | Wi-Fi Protected Access 2 |
| Combo | 24-bit initialization keys, 16.7 million combinations | 48-bit initialization keys, 500 trillion combinations | 48-bit initialization keys, 500 trillion combinations (Advanced Encryption Standard) |
| Encryption | 64 bits, 128 bits | 64 bits, 128 bits | 64 bits, 128 bits |
| Keys | Static encryption keys | Unique encryption key | Unique encryption key |
| Speed | Not much processing power | Some processing power | Requires greater processing power |
| Master Key | Master keys are used directly | Master keys are never directly used | Master keys are never directly used |

Page 5: Linux Wifi Hacking

4-way Handshake

Page 6: Linux Wifi Hacking

LIVE DEMO

Page 7: Linux Wifi Hacking
Page 8: Linux Wifi Hacking

Securing Wi-Fi

In my view, the only reliable method for securing Wi-Fi is to run a VPN on top (e.g., OpenVPN)

WEP and WPA are easily broken (WPA TKIP cracked in less than 1 minute by Japanese researchers in 2009)

WPA is TKIP -- WPA2 is CCMP, which is better (AES)

WPA2 is probably secure enough for home usage -- but there is still risk of impersonation

Page 9: Linux Wifi Hacking