WPA2-PSK: what is it? The WPA2-PSK security type

A wireless LAN connection is nothing out of the ordinary today. At the same time, many users (especially owners of mobile devices) face the question of which protection system to use: WEP, WPA or WPA2-PSK. We will now look at what each of these technologies is. Most of the attention, however, will go to WPA2-PSK, since this is the protection that is most widely used today.

WPA2-PSK: what is it?

Let's say right away: this is a protection system for any local connection to a wireless network based on Wi-Fi. It has nothing to do with wired systems, where the network card connects directly over Ethernet.


Protecting a Wi-Fi network with WPA2-PSK is today the most "advanced" option. Even the somewhat outdated methods that require a login and password and encrypt confidential data during reception and transmission look, to put it mildly, like child's play next to it. Here is why.

Types of protection

So, let's start with the fact that until recently the WEP structure was considered the most secure connection protection technology. It used a key integrity check when any device connected wirelessly and was the IEEE 802.11i standard.


WPA2-PSK protection of a Wi-Fi network works, in principle, in almost the same way, but it checks the access key at the 802.1X level. In other words, the system checks all possible options.

There is, however, a newer technology called WPA2 Enterprise. Unlike WPA, it requires not only a personal access key but also a RADIUS server that grants access. At the same time, such an authentication scheme can work simultaneously in several modes (for example, Enterprise and PSK, using AES-CCMP encryption).


Basic protection and security protocols

Like the methods now receding into the past, modern protection methods use the same protocol. This is TKIP (a WEP-based security scheme built on a software update and the RC4 algorithm). All of this involves entering a temporary key to access the network.

As practical use showed, this algorithm alone did not provide much security for connecting to a wireless network. That is why new technologies were developed: first WPA, and then WPA2, supplemented by PSK (a personal access key) and TKIP (a temporary key). In addition, encryption algorithms for data transmission and reception, now known as the AES standard, were also included here.


Outdated technology

The WPA2-PSK security type appeared relatively recently. Before it, as mentioned above, WEP was used in combination with TKIP. TKIP protection is nothing but a means of increasing the width of the access key. At the moment, it is believed that the basic mode allows the key to be increased from 40 to 128 bits. On top of this, a single WEP key can be replaced by several different ones, generated and sent automatically by the server itself, which authenticates the user at the entrance.

In addition, the system itself provides for a strict hierarchy of key distribution, as well as a technique for getting rid of the so-called predictability problem. In other words, if the password for a wireless network protected with WPA2-PSK is set to a sequence like "123456789", it is easy to guess: the same key and password generator programs (usually called KeyGen or something similar) can, once the first four characters are entered, automatically generate the next four. As they say, one does not need to be a genius to guess the type of sequence used. But this, as you have probably already understood, is the simplest example.

As for using the user's birthday in the password, that is not even worth discussing: it can easily be worked out from the same registration data on social networks. Purely numeric passwords of this type are completely unreliable. It is better to use numbers, letters and symbols together (symbols can even be typed via key combinations) and a space. However, even with this approach, hacking WPA2-PSK is possible. Here we need to explain how the system itself works.
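To make the passphrase discussion above concrete, here is an added example (not code from the original article) that checks a candidate WPA2-PSK passphrase against the rules the standard fixes (8 to 63 printable ASCII characters), flags the predictable patterns the text mentions (sequential runs, digits only), and estimates how long an exhaustive search of the same length and character classes would take at a given guess rate. It also derives the pairwise master key the way IEEE 802.11i specifies (PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, 4096 iterations) to show why each guess is expensive. The default guess rate of 500 per second is only a parameter, taken from the figure the article quotes further down for a 2.8 GHz CPU; it is not a benchmark.

```python
import hashlib
import string

# Constraints fixed by IEEE 802.11i for WPA/WPA2-PSK passphrases.
MIN_LEN, MAX_LEN = 8, 63
PBKDF2_ITERATIONS = 4096                       # iteration count mandated by the standard
PMK_LEN = 32                                   # 256-bit pairwise master key
PRINTABLE_ASCII = {chr(c) for c in range(32, 127)}   # space through '~'
ARTICLE_GUESS_RATE = 500.0                     # guesses/s quoted in the article; only a parameter here


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Standard 802.11i PSK derivation: PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 rounds, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), PBKDF2_ITERATIONS, PMK_LEN)


def is_sequential(s: str) -> bool:
    """True when each character is exactly one code point above (or below) the previous one,
    e.g. "123456789" or "abcdefgh"."""
    if len(s) < 4:
        return False
    steps = {ord(b) - ord(a) for a, b in zip(s, s[1:])}
    return steps == {1} or steps == {-1}


def charset_size(passphrase: str) -> int:
    """Size of the union of standard character classes that the passphrase draws from."""
    size = 0
    if any(c.isdigit() for c in passphrase):
        size += 10
    if any(c.islower() for c in passphrase):
        size += 26
    if any(c.isupper() for c in passphrase):
        size += 26
    if any(c == " " or c in string.punctuation for c in passphrase):
        size += 33                             # 32 punctuation marks plus the space
    return size


def exhaustive_search_seconds(passphrase: str, guesses_per_second: float = ARTICLE_GUESS_RATE) -> float:
    """Upper bound on the time to try every passphrase of the same length and character classes."""
    return charset_size(passphrase) ** len(passphrase) / guesses_per_second


def passphrase_problems(passphrase: str) -> list:
    """Human-readable reasons a candidate passphrase is invalid or weak; an empty list means acceptable."""
    problems = []
    if not MIN_LEN <= len(passphrase) <= MAX_LEN:
        problems.append(f"length {len(passphrase)} is outside {MIN_LEN}-{MAX_LEN}")
    if any(c not in PRINTABLE_ASCII for c in passphrase):
        problems.append("contains characters outside printable ASCII")
    if passphrase.isdigit():
        problems.append("digits only: 10 possibilities per position")
    if is_sequential(passphrase):
        problems.append("predictable sequential run")
    if len(set(passphrase)) < 4:
        problems.append("too few distinct characters")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not values from any real network.
    for candidate in ("123456789", "Tr0ub4dor&3 "):
        print(candidate, passphrase_problems(candidate),
              f"{exhaustive_search_seconds(candidate) / 3600:.1f} h to exhaust")
    print(derive_pmk("password", "IEEE").hex())
```

The search-time figure scales linearly with the attacker's hardware, so the only lever the network owner controls is the size of the space: a nine-digit passphrase is 10^9 candidates, while twelve characters drawn from all four classes is 95^12. The 4096 PBKDF2 rounds are also why the per-second rates quoted for older CPUs are so low; GPU-based cracking is orders of magnitude faster, so length and unpredictability, not iteration cost, are what protect a PSK.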

Typical Access Algorithm

Now a few more words about the WPA2-PSK system. What is it in terms of practical application? It is a combination of several algorithms working together, so to speak, in operating mode. Let us explain with an example.

Ideally, the sequence in which the connection is protected and the transmitted or received information is encrypted looks like this:

WPA2-PSK (WPA-PSK) + TKIP + AES.

Here the main role is played by the shared key (PSK), 8 to 63 characters long. The order in which the algorithms are applied (whether encryption happens first, or after transmission, or along the way using random intermediate keys, and so on) does not matter.

But even with protection and an encryption system at the AES-256 level (meaning the width of the cipher key), hacking WPA2-PSK is a difficult task for hackers versed in the matter, but a possible one.

Vulnerability

Back in 2008, at the PacSec conference, a technique was presented that allowed a wireless connection to be hacked and the data transmitted from the router to the client terminal to be read. All of this took about 12-15 minutes. However, it was not possible to crack the reverse direction (client to router).

The point is that when the router's QoS mode is on, the transmitted information can not only be read but also replaced with fake data. In 2009, Japanese experts presented a technique that reduced the hacking time to one minute. And in 2010, information appeared on the Web that the easiest target was the Hole 196 module present in WPA2, using its own private key.


This does not involve any interference with the generated keys. First, a so-called dictionary attack is used together with brute force, and then the wireless space is scanned in order to intercept the transmitted packets and record them. It is enough for the user to connect: as soon as he is deauthenticated, the initial packets (the handshake) are intercepted on reconnection. After that, being near the access point is no longer required; the rest can safely be done offline. To perform all of these steps, however, special software is needed.

How to hack WPA2-PSK?

For obvious reasons, the full algorithm for hacking the connection will not be given here, since it could be used as a kind of instruction manual. We will dwell only on the main points, and then only in general terms.


As a rule, with direct access to the router, it can be put into the so-called Airmon-NG mode to track traffic (airmon-ng start wlan0 renames the wireless adapter). After that, traffic is captured and recorded with the airodump-ng mon0 command (tracking channel data, beacon rate, encryption speed and method, amount of data transferred, and so on).


Next, the command to lock onto the selected channel is used, after which the Aireplay-NG Deauth command is entered with its associated values (they are not given here for reasons of the legality of using such methods).

After that (once the user is already connected), the user can simply be disconnected from the network. When he reconnects, the system repeats the login authorization, and on the hacking side it becomes possible to intercept all the access credentials. Next, a window appears with a "handshake". Then a special WPAcrack file can be launched, which allows any password to be cracked. Naturally, nobody will tell you exactly how it is launched. We only note that, given certain knowledge, the whole process takes from several minutes to several days. For example, an Intel-class processor running at a standard clock frequency of 2.8 GHz can process no more than 500 passwords per second, or 1.8 million per hour. In short, as is already clear, do not flatter yourself.
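The procedure above hinges on one observable step: the client is forcibly deauthenticated so that its reconnection handshake can be captured. From the defender's side, a burst of deauthentication or disassociation frames, especially ones addressed to the broadcast address, is therefore the signature to watch for. The following added example (not code from the original article or from the aircrack-ng project) runs a sliding-window detector over a constructed list of parsed management-frame records, the kind a monitor-mode capture yields after decoding; the timestamps, MAC addresses and thresholds are all made up for illustration.

```python
from collections import deque

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed sample of decoded 802.11 management frames: (time in seconds, subtype, BSSID, destination).
# The first deauth is an isolated one, as an idle timeout or roaming event would produce; the burst at
# t=5 s and the broadcast deauth at t=5.5 s are the pattern the attack described above leaves behind.
SAMPLE_FRAMES = [
    (0.00, "beacon", "aa:bb:cc:00:00:01", BROADCAST),
    (0.10, "deauth", "aa:bb:cc:00:00:01", "11:22:33:44:55:66"),
    (0.20, "beacon", "aa:bb:cc:00:00:01", BROADCAST),
    (5.00, "deauth", "aa:bb:cc:00:00:01", "11:22:33:44:55:66"),
    (5.02, "deauth", "aa:bb:cc:00:00:01", "11:22:33:44:55:66"),
    (5.04, "deauth", "aa:bb:cc:00:00:01", "11:22:33:44:55:66"),
    (5.06, "deauth", "aa:bb:cc:00:00:01", "11:22:33:44:55:66"),
    (5.08, "deauth", "aa:bb:cc:00:00:01", "11:22:33:44:55:66"),
    (5.10, "deauth", "aa:bb:cc:00:00:01", "11:22:33:44:55:66"),
    (5.50, "deauth", "aa:bb:cc:00:00:01", BROADCAST),
]


def detect_deauth_flood(frames, window=1.0, threshold=5):
    """Return alerts as (time, bssid, reason) tuples.

    A BSSID is flagged once when at least `threshold` deauth/disassoc frames carrying its address
    fall inside any `window`-second span; a deauth sent to the broadcast address is always reported,
    since a legitimate access point has no reason to kick every client at once.
    """
    alerts = []
    recent = {}          # bssid -> deque of timestamps of recent deauth/disassoc frames
    flagged = set()      # BSSIDs already reported for a flood, to avoid repeating the alert
    for t, subtype, bssid, dst in sorted(frames):
        if subtype not in ("deauth", "disassoc"):
            continue
        q = recent.setdefault(bssid, deque())
        q.append(t)
        while q and t - q[0] > window:      # drop timestamps that fell out of the window
            q.popleft()
        if dst == BROADCAST:
            alerts.append((t, bssid, "broadcast deauth"))
        if len(q) >= threshold and bssid not in flagged:
            flagged.add(bssid)
            alerts.append((t, bssid, f"{len(q)} deauth/disassoc frames in {window}s"))
    return alerts


if __name__ == "__main__":
    for alert in detect_deauth_flood(SAMPLE_FRAMES):
        print(alert)
```

Detection only tells you the attack happened; the fix for this step is 802.11w (Protected Management Frames), which authenticates deauthentication and disassociation frames so that a client ignores forged ones. In hostapd that is the `ieee80211w=2` setting; on the client side, WPA3 mandates it. A network running plain WPA2-PSK without PMF cannot stop the disconnect itself, which is why the passphrase has to withstand the offline phase that follows.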

Instead of an afterword

That's it for WPA2-PSK. What it is may or may not be clear after a first reading. Nevertheless, I think any user will understand the basics of data protection and the encryption systems applied. Moreover, almost every owner of a mobile gadget runs into this today. Have you ever noticed that when you create a new connection on a smartphone, the system suggests using a certain type of protection (WPA2-PSK)? Many simply pay no attention to it, but in vain. In the advanced settings there are quite a few additional parameters that can be used to improve the security of the connection.

Source: https://habr.com/ru/post/C30481/
