A new critical flaw in Wi-Fi Protected Standard (WPS) has recently been uncovered by Security researcher Stefan Viehböck that leaves wireless routers open to attack. The
inherent vulnerability lies in the design protocol that splits the 8
digit PIN in two halves which reduces its complexity and henceforth the
time required to crack it. Simple permutations and combinations deduce
that an 8 digit pin will create 100 million possible combinations and
during his testing Stefan found it takes 2 seconds to test each
combination, so bruteforcing was not a feasible option.
Unfortunately,
after entering the first 4 digits of a pin, the protocol used by WPS
confirms if they are correct or not, which means the pairs can be
attacked separately. Also, the remaining 4 digits is just a checksum, so
if an attacker has the first 4 digits, he just have to try ~1000
combinations to crack it open , which brings it to a total of 11000
different combinations to the correct pin which reduces the attack time
into a matter of hours. You can find the documented PDF here and read the awesomeness. I guess router manufacturers are up for a software fix, till then , I guess we all have to go back to MAC address .
No comments:
Post a Comment