The truth about WPA/WPA2 encryption and high-speed cracking (1)

In a wireless WPA encryption environment, after obtaining a WPA handshake verification package, attackers can use the brute-force cracking mode to crack WPA passwords. In addition, they can also establish targeted dictionaries in advance, and then conduct dictionary cracking (attacks ). This will be an effective method for most Wireless Access Point APs. It turns out that the security awareness of most administrators, maintenance personnel, and home users is not as high as they think, at least for more than a year, I have encountered countless WPA-PSK passwords set to birthday or simple words.

So, can we say that as long as there is enough space and comprehensive dictionary, the actual cracking of WPA is mainly a matter of time. Is it true? I don't know if you have noticed it carefully. According to the current mainstream standalone environment configuration, the WPA cracking rate is maintained at 100 ~~ 300 k/s (k/s refers to the number of keys called per second during the cracking process). At this cracking rate, a 5-bit WPA password consisting of lowercase letters and numbers should be cracked, let's estimate with basic probability theory knowledge: (figure 1)

Figure 1 possible combination of passwords

(26 + 10 )? = 60466176;

The possible 5-digit WPA password is:

The time spent cracking will be:

60466176/(3600x300 )~~ 60466176/(3600 × 100), that is, 55.987 ~~ 167.962 hours.

If it is converted to a number of days, it will take about 2 ~~ 7 days. This is only a 5-digit WPA password. If the WPA password is a pure lowercase letter with a length of more than 10 digits, the shortest time is 5446261 days, that is, 14921 years !! It's really a tiandai number !! If the password combination uses uppercase/lowercase letters, numbers, and special characters, I'm afraid you will always say: Do you still have to consider cracking?

Therefore, after the WPA handshake is obtained, the cracking actually only applies when the other party uses a simple password. That is to say, because the cracking speed is too slow, therefore, after the other party uses a slightly complex password, this conventional method does not have much practical ability or even completely loses the meaning of cracking.