A wireless LAN connection is nothing out of the ordinary today. Many users (especially owners of mobile devices), however, face the question of which security system to use: WEP, WPA or WPA2-PSK. We will now look at what these technologies are, paying the most attention to WPA2-PSK, since it is the protection most in demand today.
WPA2-PSK: what is it?
Let's say right away: this is a system for protecting a local connection to a Wi-Fi wireless network. Wired systems using a direct Ethernet connection through a network card are not affected.

Wi-Fi protection using WPA2-PSK technology is the most "advanced" available today. Next to it, the somewhat outdated methods that merely request a login and password and encrypt confidential data in transit look, to put it mildly, like child's play. Here is why.
Varieties of protection
So, let's start with the fact that until recently the WEP scheme was considered the most secure connection security technology. It used a key integrity check whenever a device connected wirelessly, and it was the IEEE 802.11i standard.

WPA2-PSK Wi-Fi security works in basically the same way, but it checks the access key at the 802.1X level. In other words, the system checks all possible options.
There is also a newer technology called WPA2 Enterprise. Unlike WPA, it requires not only a personal access key but also a RADIUS server that grants access. Such an authentication scheme can also operate in several modes simultaneously (for example, Enterprise and PSK, using AES CCMP encryption).

Basic protection and security protocols
Modern protection methods use the same protocol as those of the past: TKIP (a WEP security system based on a software update and the RC4 algorithm). All of this involves entering a temporary key to access the network.
As practical use showed, such an algorithm by itself did not give a wireless connection any particular security. That is why new technologies were developed: first WPA and then WPA2, supplemented by PSK (Personal Access Key) and TKIP (Temporary Key). The encryption algorithms for transmitted and received data, now known as the AES standard, were also included.

Obsolete technology
The WPA2-PSK security type is relatively recent. Before it, as mentioned above, the WEP system was used in combination with TKIP. TKIP protection is nothing more than a means of increasing the bit length of the access key; its basic mode is believed to extend the key from 40 to 128 bits. In addition, the single WEP key can be replaced by several different keys, generated and sent automatically by the server that authenticates the user at login.
The system also provides for a strict key distribution hierarchy, as well as a technique for eliminating the so-called predictability problem. In other words, if the password for a wireless network with WPA2-PSK security is set to a sequence like "123456789", it is easy to see that key and password generator programs (usually called KeyGen or something similar) can automatically produce the next four characters once the first four are entered. As they say, you do not need to be a genius to guess the kind of sequence used. But this, as you have probably realized, is the simplest example.
As for using the user's date of birth in the password, that is not worth discussing at all: it can easily be found from the same registration data on social networks. Numeric passwords of this type are completely unreliable on their own. It is better to combine numbers, letters and symbols (even non-printable ones, if the device provides hot-key combinations for them) and a space. However, even with this approach, WPA2-PSK can be cracked. To see why, we need to explain how the system itself operates.
Typical access algorithm
Now a few more words about the WPA2-PSK system. What is it in practical terms? It is, so to speak, a combination of several algorithms working together. Let's explain with an example.
Ideally, the sequence in which the connection is protected and the transmitted or received information is encrypted is as follows:
WPA2-PSK (WPA-PSK) + TKIP + AES.
Here the main role is played by a shared key (PSK) of 8 to 63 characters. The order in which the algorithms are applied (whether encryption happens first, after transmission, or during it using random intermediate keys, and so on) does not matter.
But even with protection and encryption at the level of AES 256 (meaning the width of the cipher key), cracking WPA2-PSK is a difficult but possible task for hackers who know the subject.
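As an added example that is not from the original article, the Python below shows what happens to the 8 to 63 character shared key (PSK) just described: the access point turns the passphrase into a 256-bit key with PBKDF2-HMAC-SHA1, using the SSID as salt and 4096 iterations (this is what IEEE 802.11i specifies; the article does not mention the step), and then applies the checks that follow from the earlier discussion of weak passwords, flagging digit-only and sequential passphrases like "123456789" and estimating the time to exhaust a passphrase's character space at the article's figure of 500 guesses per second. The function names, the weakness labels and the sample passphrases are constructed for this example.

```python
import hashlib

# Printable ASCII 0x20..0x7E, the only characters IEEE 802.11i allows in a passphrase.
ALLOWED_CHARS = {chr(c) for c in range(0x20, 0x7F)}
# The guess rate the article quotes: 500 passwords per second on one 2.8 GHz CPU.
ARTICLE_GUESS_RATE = 500


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """Map an 8-63 character passphrase to the 256-bit PSK the access point stores:
    PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations (IEEE 802.11i). The iteration
    count is what makes each password guess cost real CPU time."""
    if not 8 <= len(passphrase) <= 63 or not set(passphrase) <= ALLOWED_CHARS:
        raise ValueError("passphrase must be 8-63 printable ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, dklen=32)


def passphrase_findings(passphrase: str) -> list:
    """Return the weaknesses found (empty list if none): the standard's length and
    character rules plus the patterns the article warns about, i.e. digit-only
    passphrases such as dates and predictable sequences like '123456789'."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("length must be 8 to 63 characters")
    if not set(passphrase) <= ALLOWED_CHARS:
        findings.append("only printable ASCII characters (0x20-0x7E) are allowed")
    if passphrase.isdigit():
        findings.append("digits only: looks like a PIN or a date of birth")
    steps = {ord(b) - ord(a) for a, b in zip(passphrase, passphrase[1:])}
    if len(steps) == 1:  # every step identical: '123456789', 'abcdefgh', 'aaaaaaaa'
        findings.append("predictable sequence or repeated character")
    return findings


def seconds_to_exhaust(passphrase: str, guesses_per_second: int = ARTICLE_GUESS_RATE) -> float:
    """Worst-case time to try every passphrase of the same length built from the same
    character classes. Nine digits at 500 guesses/s is about 23 days; nine characters
    drawn from all 95 printable ones is about 40 million years."""
    alphabet = 0
    if any(c.islower() for c in passphrase):
        alphabet += 26
    if any(c.isupper() for c in passphrase):
        alphabet += 26
    if any(c.isdigit() for c in passphrase):
        alphabet += 10
    if any(not c.isalnum() for c in passphrase):
        alphabet += 33  # the remaining printable ASCII characters
    return alphabet ** len(passphrase) / guesses_per_second
```

`derive_psk("password", "IEEE")` reproduces the published 802.11i test vector, so the derivation can be checked against a real implementation such as wpa_passphrase.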
Vulnerability
Back in 2008, at the PacSec conference, a technique was presented that allows a wireless connection to be hacked and the data transmitted from the router to the client terminal to be read. All this took about 12-15 minutes. The reverse direction (client to router), however, was never hacked.
The point is that when the router's QoS mode is enabled, the transmitted information can not only be read but also replaced with fake data. In 2009, Japanese specialists presented a technique that reduces the hacking time to one minute. And in 2010, information appeared on the Web that the easiest way to crack the Hole 196 module present in WPA2 is to use your own private key.

There is no question of tampering with the generated keys. First, the so-called dictionary attack is used in combination with brute force, then the wireless space is scanned to intercept transmitted packets and record them. As soon as a user connects, he is immediately deauthorized and the transmission of the initial packets (the handshake) is intercepted. After that, being near the access point is no longer required; the rest of the work can be done offline. Admittedly, all of this requires special software.
How to hack WPA2-PSK?
For obvious reasons, the full procedure for breaking the connection will not be given here, since it could serve as a set of instructions. We will touch only on the main points, and only in general terms.

As a rule, with direct access to the router, it can be put into the so-called Airmon-NG mode to monitor traffic (airmon-ng start wlan0, renaming the wireless adapter). After that, the traffic is captured and recorded with the airdump-ng mon0 command (monitoring link data, beacon rate, data rate and encryption method, amount of data transferred, etc.).

Next, the command to lock onto the selected channel is issued, after which the Aireplay-NG Deauth command is entered with its associated values (which are not given here, for reasons of the legality of using such methods).
After that (once the user has already been authorized on connecting), the user can simply be disconnected from the network. When he reconnects, the system repeats the login authorization, and from the hacker's side it then becomes possible to intercept all access passwords. Next, a "handshake" window appears. Then a special WPAcrack file can be launched, which will crack any password. Naturally, nobody is going to tell anyone exactly how it is launched. We only note that with certain knowledge, the whole process takes from several minutes to several days. For example, an Intel-class processor running at a stock clock speed of 2.8 GHz can process no more than 500 passwords per second, or 1.8 million per hour. In general, as is already clear, you should not flatter yourself.
Instead of an afterword
That is all for WPA2-PSK. What it is may not become clear on a first reading. Nevertheless, any user should now understand the basics of data protection and the encryption systems used. Moreover, almost all owners of mobile gadgets encounter this today. Have you noticed that when you create a new connection on a smartphone, the system suggests a certain type of protection (WPA2-PSK)? Many simply pay no attention to it, but they should. In the advanced settings there are quite a few additional options for improving the security system.