New Wi-Fi attack cracks WPA2 passwords with ease

[Brink]

A new way to compromise the WPA/WPA2 security protocols has been accidentally discovered by a researcher investigating the new WPA3 standard.

The attack technique can be used to compromise WPA/WPA2-secured routers and crack Wi-Fi passwords which have Pairwise Master Key Identifiers (PMKID) features enabled.

Security researcher and developer of the Hashcat password cracking tool Jens "Atom" Steube made the discovery and shared the findings on the Hashcat forum earlier this month.

At the time, Steube was investigating ways to attack the new WPA3 security standard. Announced in January by industry body the Wi-Fi Alliance, WPA3 is the latest refresh of the Wi-Fi standard.

WPA3 aims to enhance user protection, especially when it comes to open Wi-Fi networks and hotspots commonly found in public spaces, bars, and coffee shops. The new standard will utilize individualized data encryption to scramble connections -- as well as new protections against brute-force attempts to crack passwords.

However, the aging WPA2 standard has no such protection...

Read more: https://www.zdnet.com/article/new-wi-fi-attack-cracks-wpawpa2-passwords-with-ease/

 

[ian50]

Hello Brink


> " ... Pairwise Master Key Identifiers (PMKID) features enabled"


I have absolutely no idea what that phrase may mean.


Anyone ?

 

[file3456]

I don't either and it mentions some 802.11 standards that I have no idea about. Reading from the comments it appears that one still needs to crack the hash as the hash is all you get. So if your password is strong it will be hard to crack.

 

[Brink]

Hello Brink


> " ... Pairwise Master Key Identifiers (PMKID) features enabled"


I have absolutely no idea what that phrase may mean.


Anyone ?

Hello Ian,

This is what I found on it that may help.

:ar: Pairwise Master Key and Opportunistic Key Caching - PMK and OKC - Cisco Meraki

:ar: Shining a Light on a New Way to Attack WPA2 Weaknesses

 

[ian50]

Thanks Brink


Somewhat less muddy now - seems this "Pairwise" technique is designed to cache some wifi connection protocols (EAP) to individual AP's so that later re-connection is faster.


Since this only applies to my mobile phone and only in very specific circumstances, whether or not PMKID is enabled (how to tell ?) seems moot. So thank you for the answer - it is very helpful.