2010年4月10日 星期六

802.11通訊的安全警告--高效率WPA/WPA2破解軟件出籠!|OmniPeek無線數據分析技術

802.11通訊的安全警告--高效率WPA/WPA2破解軟件出籠!|OmniPeek無線數據分析技術
802.11通訊的安全警告-WPA/WPA2破解軟件出籠

最近,俄羅斯安全公司Elcomsoft發佈了一款暴力 破解軟件:Elcomsoft Distributed Password Recovery最新版,這種軟件的破解算法針對Nvidia顯卡進行了特別優化,從而是使WPA和WPA2無線密鑰破解速度提高100倍,而且軟件還允 許數千台計算機聯網進行分佈式並行計算。只要截獲有限的幾個包(tcpdump格式),Elcomsoft Distributed Password Recovery就可以對WPA/WPA2進行破解。這就意味著wpa2將不再成為牢不可破的加密方式。

簡單的wpa2密鑰可能需要幾天 或者幾個星期就可以算出來!這給802.11 加密通訊敲響了警鐘,是不是我們所有的加密算法都不能用了呢?

其實不然,對於一般的公司用 通訊技術而言,wpa和wpa2還是相當牢固的算法,即使使用Elcomsoft Distributed Password Recovery,只要密碼設置適當,是很難算出來的。如果破解者擁有幾千幾萬台配置有Nvidia顯卡的集群系統,哪可能就沒有辦法

其 實密鑰之所以成為密鑰,是因為它的破解難度在一般使用者的破解能力之上,完全不能破解那是不可能的。

不過隨著計算機硬件和破解技術的發 展,加密技術(包括無線通訊的加密技術)也應當不斷地提高算法難度,保證其安全性。

如果要進行高機密級別的802.11通訊,可以啟用 VPN,雖然這樣會造成系統性能下降(尤其是VoIP)方面,不過這可能是當前唯一的選擇。


ElcomSoft Breaks Wi-Fi Encryption Faster with GPU Acceleration

ElcomSoft Co. Ltd. accelerates the recovery of WPA and WPA2 encryption used in the Wi-Fi protocol by employing the newgeneration NVIDIA video cards. ElcomSoft patent-pending GPU acceleration technology implemented in Elcomsoft Distributed Password Recovery allows using laptop, desktop or server computers equipped with supported NVIDIA video cards to break Wi-Fi encryption up to 100 times faster than by using CPU only.
Moscow, Russia (PRWEB) October 9, 2008 -- ElcomSoft Co. Ltd. accelerates the recovery of WPA and WPA2 encryption used in the Wi-Fi protocol by employing the new-generation NVIDIA video cards. ElcomSoft patent-pending GPU acceleration technology implemented in Elcomsoft Distributed Password Recovery allows using laptop, desktop or server computers equipped with supported NVIDIA video cards to break Wi-Fi encryption up to 100 times faster than by using CPU only.
News Image
Elcomsoft Distributed Password Recovery supports both WPA and the newer WPA2 encryption used in the majority of Wi-Fi networks, allowing breaking Wi-Fi protection quickly and efficiently with most laptop and desktop computers. The support of NVIDIA graphic accelerators increases the recovery speed by an average of 10 to 15 times when Elcomsoft Distributed Password Recovery is used on a moderate laptop with NVIDIA GeForce 8800M or 9800M series GPU, or up to 100 times when running on a desktop with two or more NVIDIA GTX 280 boards installed. Governments, forensic and corporate users will benefit from vastly increased speed of breaking Wi-Fi protection provided by Elcomsoft Distributed Password Recovery.

Breaking Wi-Fi Protection with Elcomsoft Distributed Password Recovery
With growing numbers of Wi-Fi networks used by businesses and individuals all over the world, security becomes utterly important. There are currently two methods of protecting Wi-Fi networks, WEP and WPA/WPA2. Unlike enterprise, RADIUS protected networks, consumer-grade WPA and WPA2 protection methods rely on passwords and encryption to protect traffic transferred between users and network access points. However, WEP, the older protection method, is no longer considered secure even for home users, as sometimes it can be broken in less than two minutes due to security flaws discovered in the algorithm.
The newer WPA/WPA2 encryption is inherently more secure than WEP. The only way to break WPA and WPA2 encryption is to use a brute force attack, which involves trying all possible passwords in the hope to discover the only correct one. With billions of possible combinations, it can take years to break into a WPA/WPA2 protected network. However, WPA/WPA2 protected networks are not immune against distributed attacks performed with GPU-accelerated algorithms.
With the latest version of Elcomsoft Distributed Password Recovery, it is now possible to crack WPA and WPA2 protection on Wi-Fi networks up to 100 times quicker with the use of massively parallel computational power of the newest NVIDIA chips. Elcomsoft Distributed Password Recovery only needs a few packets intercepted in order to perform the attack. The new product of ElcomSoft Co. Ltd. makes it possible to quickly perform security audit of corporate Wi-Fi networks, allowing to test network security against threats such as inappropriate WLAN security policy.
Using NVIDIA Cards to Break Wi-Fi Protection Faster
Today's video cards such as NVIDIA GeForce GTX280 can process hundreds of billions fixed-point calculations per second. Add as much as 1 GB of onboard video memory and up to 240 processing units, multiply it by two by using a couple of NVIDIA cards, and enter the whole new world of super-parallel computational power for just a few hundred dollars.
Until recently, all the power of highly parallel, super-scalar processors in 3D graphic accelerators could only be used for gaming. ElcomSoft Co. Ltd. has invented a way to utilize the massively parallel computational power of NVIDIA gaming cards for increasing the speed of password recovery. Elcomsoft Distributed Password Recovery, its flagship password recovery tool, is able to fully utilize recent NVIDIA chips used in laptop, desktop and server computers, increasing the speed of Wi-Fi password recovery up to 100 times compared to conventional CPUs.
About Elcomsoft Distributed Password Recovery:
Elcomsoft Distributed Password Recovery is a high-end password recovery solution for forensic and government agencies, data and password recovery services, and corporate users. Featuring patent-pending acceleration technologies and providing massively parallel operation and linear scalability with no overhead, Elcomsoft Distributed Password Recovery offers demanding users the fastest password recovery by a huge margin.
Elcomsoft Distributed Password Recovery can retrieve a variety of system passwords such as NTLM and Windows startup passwords, crack MD5 hashes, unlock password-protected documents created by Microsoft Office 97-2007, PDF files created by Adobe Acrobat, and breaks both WPA and WPA2 encryption of protected Wi-Fi networks. With numerous unique technologies, wide range of supported password recovery options and patent-pending GPU acceleration, Elcomsoft Distributed Password Recovery remains the most technologically advanced password recovery tool currently available.
About ElcomSoft Co. Ltd.:
Founded in 1990, ElcomSoft Co.Ltd. develops state-of-the-art computer forensics tools, provides computer forensics training and computer evidence consulting services. Since 1997, ElcomSoft has been providing products and services to businesses, law enforcement, military, and intelligence agencies. ElcomSoft products are used by most of the Fortune 500 corporations, multiple branches of the military all over the world, foreign governments, and all major accounting firms. ElcomSoft and its officers are members of the Russian Cryptology Association. ElcomSoft is a Microsoft Certified Partner, an Intel Software Partner, and Member of NVIDIA's CUDA Developer Relations Program.
For more information and to download an evaluation version of Elcomsoft Distributed Password Recovery, visit ElcomSoft Co. Ltd. at wpa.elcomsoft.com

沒有留言: