Cracking WPA Protected Wi-Fi in 6 Minutes using the Cloud

Using WPA/WPA2 to protect your wireless network has been stressed for quite a while now. But, just how long would it take to crack a WPA-PSK protected wireless network?

Well, according to recent reports, security researcher Thomas Roth says with his brute force program he was able to break into a WPA-PSK protected network in about 20 minutes. And with recent updates to the program, the same password would take about 6 minutes!

People tell me there is no possible way to break WPA, or, if it were possible, it would cost you a ton of money to do so. But it is easy to brute force them” Roth said.

How is this possible you ask? Roth’s program uses the power of the Cloud, Amazon’s cloud, using EC2 computers to be exact.

And what kind of power is available? I am not sure exactly which Amazon cloud package Roth used with his program. But a quick glance at the Amazon EC2 website shows that a Cluster GPU Quadruple Extra Large Instance provides access to 22 GB of memory, 33.5 EC2 Compute Units, 2 x NVIDIA Tesla “Fermi” M2050 GPUs, 1690 GB of local instance storage, 64-bit platform, and 10 Gigabit Ethernet.

And it looks like you can access up to eight of these systems before you need to fill out a special request form for additional servers.

Amazon charges 28 cents per minute for the service Roth used. And with his program checking 400,000 possible passwords per second cracking WPA just became pretty cost effective.

But using the cloud to brute force is nothing new to Roth, according to The Register:

Roth is the same researcher who in November used Amazon’s cloud to brute force SHA-1 hashes. Roth said he cracked 14 hashes from a 160-bit SHA-1 hash with a password of between one and six characters in about 49 minutes. He told The Register at the time he’d be able to significantly reduce that time with minor tweaks to his software, which made use of “Cluster GPU Instances” of the EC2 service.

Amazon is not too keen on Roth using the cloud for cracking passwords. According to an Amazon spokesman, using the cloud service to create a tool to show how security can be increased is okay. But don’t use it to actually crack passwords:

“Testing is an excellent use of AWS, however, it is a violation of our acceptable use policy to use our services to compromise the security of a network without authorization.”

Using a long complex password would prolong the time to brute force the password, but the Cloud based cracker program sounds impressive indeed.

Want to know more? Roth is scheduled to speak on this topic at the BlackHat 2011 DC seminar later this month and plans on making the software publicly available.

6 thoughts on “Cracking WPA Protected Wi-Fi in 6 Minutes using the Cloud”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.