Milton Security Group Logo
Milton on Facebook    Milton on Twitter    Milton on LinkedIn
Login  |  Blog

ShieldTech Flash - WPA/WPA2 PSK - Are you (still) using Pre-Shared Keys < 10 characters?


For all the talk about the increase in WiFi security, there are still a quite a number of systems using pre-shared keys with simple passwords to protect their systems. Recently, the engineers at Milton Security Group LLC launched a side project to build a custom system utilizing open source tools to attack wireless access points in a lab environment. The purpose was to find out, first-hand, how easy or difficult it is to create a system capable of attacking a WiFi system configured with WPA2-PSK TKIP.

The results were interesting as the engineering team quickly discovered that cracking the WiFi security was quite possible, given the right circumstances to accomplish this. The optimal way to attack WPA/WPA2-PSK based systems is to use a rainbow table of possible PMK's (Pairwise Master Key) and use open source tools like cowpatty, pyrit, CUDA and aircrack-ng. Information about the necessary tools and attack methods are ready available online, with some very instructive videos on YouTube and Vimeo.

The result - for less than $3,000, the engineering team put together a system that is capable of 89,000 PMK/s attempts with minimal effort. Even more surprising is that the cost of generating these types of dictionary attacks will only get cheaper.

If you use WPA/WPA2 TKIP with Pre-Shared key, you could be vulnerable to this type of attack. If you must continue the use of WPA2-PSK, you should consider the following tips:

  • Disable TKIP
  • Use a PSK that exceeds 20 characters
        -Use random mix of ASCII - upper/lower case letters, numbers, symbols
  • Encrypt all traffic using AES
  • Change the PSK every 90 days (at a minimum)
  • Implement additional Network Access Controls on WiFi network


    Milton Security Group LLC recommends that in a corporate environment, a more robust authentication system must be implemented, one that is built around technologies like RADIUS, EAP or 802.1x.

    If you need help in deciphering all of this, Milton Security Group LLC can assist you in assessing, designing and implementing your WiFi security plan. In addition, Milton Security Group's MSG7200 product line can provide additional security controls to prevent unwanted access to your internal resources.