Your SlideShare is downloading. ×
Cracking wpa2 psk in the cloud
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Cracking wpa2 psk in the cloud


Published on

Published in: Technology, Business

1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide
  • Micro Instance 613 MB of memory, up to 2 ECUs (for short periodic bursts)Small Instance (Default) 1.7 GB of memory, 1 EC2 Compute Unit (1 virtual core with 1 EC2 Compute Unit)Large Instance 7.5 GB of memory, 4 EC2 Compute Units (2 virtual cores with 2 EC2 Compute Units each)High-CPU Medium Instance 1.7 GB of memory, 5 EC2 Compute Units (2 virtual cores with 2.5 EC2 Compute Units each)High-CPU Extra Large Instance 7 GB of memory, 20 EC2 Compute Units (8 virtual cores with 2.5 EC2 Compute Units each)
  • Transcript

    • 1. Cracking WPA2-PSK in the cloud
      A Cost Effective Solution For Brute Force Attacks
      By Fotios Lindiakos and Ed Rowland
    • 2. WPA2-PSKWi-Fi Protected Access II – Pre-shared Key
      Replaced WPA in 2004 as 802.11i standard
      Added security replacing TKIP with CCMP (AES)
      Required for devices with Wi-Fi trademark
      Two modes
      Enterprise – requires a Radius Server (802.1x)
      Personal – 256 bit key created from a string of 64 digits or 8-63 character passphrase
      Key calculation
      Passphrase  PBKDF2(f) salted w/SSID  4096 iterations of HMAC-SHA1
    • 3. WPA2-PSK/802-11i4 Way Handshake
      • Goal - derive Passphrase from PMK
      • 4. Correct Passphrase “guessed” if tool can calculate the same Message Integrity Code (MIC)
      Hacking Exposed - Stuart McClure, Joel Scambray, George Kurtz
    • 5. Tools Used
      Amazon’s EC2 cloud
      Multiple types of instances running 64 bit Ubuntu 10.04 LTS
      Aircrack-ng v1.1
      Custom web front end
      Custom code to parallelize processing
      Laptop/mobile device running aircrack-ng to capture and send capture file to cloud
    • 6. About The EC2 Cloud
      One of many proprietary web services Amazon offers providing PAAS, IAAS & SAAS
      Elastic Compute Cloud (EC2) virtualizes compute cycles into EC2 compute units (ECU)
      One ECU provides the equivalent CPU capacity of a 1.0-1.2 GHz 2007 Opteron or Xeon processor
      Access to an EC2 instance is via SSH leveraging PKI to encrypt a session key
    • 7. To the cloud!
    • 8. Cracking Statistics
    • 9. But what about cracking…
      One Hundred MILLION keys!
    • 10. Time to Crack 100,000,000
    • 11. Optimized for “Bang for your buck”
    • 12. About Custom Code
      Written in Ruby
      Front end is a Sinatra web application
      Back end is a wrapper around aircrack-ng
      Library handles communicating with EC2
      Only 234 lines of code
    • 13. Front End
      Accepts PCAP from the user
      Also gets SSID and how many instances to run
      Creates a “message” for each instance
      This message is put on a queue waiting for client to come online
      It contains all the information the client needs
      Starts cracking instances
      Waits for results and reports them to the user
      After a key is found, terminates all clients
    • 14. Back End
      Pops a message off the queue at boot time
      Gets the PCAP and full dictionary file
      Creates smaller wordlists
      First, makes a list based on “chunk” assigned
      Breaks that into smaller chunks for reporting purposes
      Runs aircrack-ng against each chunk
      Reports progress or the key after every iteration
    • 15. Tested Instance Types and Cost
    • 16. Demo
    • 17. Results – Single Instance
    • 18. Results – Parallel Instances
    • 19. Future Work
      Utilize other EC2 Instance types
      High End Cluster with GPU
      33.5 ECU and 2 x NVIDIA Tesla “Fermi” M2050 GPUs
      Optimize cracking client for architecture
      Fully utilize multiple CPU/core
      Fully utilize 64 bit capabilities
      Fully utilize GPU acceleration
      Look at other cracking tools
      coWPAtty, Hydra, custom code
    • 20. Conclusion
      It’s certainly inexpensive and easy to leverage cloud computing to hack WPA2-PSK efficiently
      As long as you have an adequate dictionary
      The attack can be prioritized based on
      Use cheaper instances, regardless of time
      Use most powerful instances, regardless of cost