View Single Post
  #1   (View Single Post)  
Old 7th July 2008
Sunnz's Avatar
Sunnz Sunnz is offline
Real Name: I don't have real time
Just a computer user...
 
Join Date: May 2008
Location: See Google Maps
Posts: 101
Default WPA2, crackable?

A quota from another recent Wifi thread:

Quote:
Are you planning to implement some type of encryption such as WEP, WPA, or WPA2? I'd recommend WPA2 but it's still hackable. If you're looking into added security, you may need to implement some type of vpn.
I guess this is kind of a different topic so I made a new thread... but is WPA2 really crackable?

From what I understand, the only known way to crack WPA-PSK is by brute force, so if you use a long complicated random passphrase, say you generate a string of random ascii characters of length more than 40, it is already infeasible to brute force it, it just takes millions of centuries (or something along those lines) to brute force the WPA key.

With WEP, you are use the maximum length supported by WEP, and it is still crackable, because you don't need to brute force it, the design WEP is flawed such that the key can be work out by capturing enough WEP traffic.

Well, that's pretty much how I understood the situation... am I terribly wrong? Or have there actually new flaws or techniques to uncover a WPA key?

I do use OpenVPN myself instead of utilising WPA, pretty much just because... but how does VPN really compares to WPA? OpenVPN by default uses blowfish-128 for its encryption, whereas WPA may use AES-128... but then OpenVPN can use AES-256 instead, but they are suppose to be adequent anyway?

And yea I do have a few things that don't support any kind of VPN, Wii, my Phone, PSP, etc... I have been considering using a separate WPA router for these things...
__________________
She sells C shells by the seashore.
Reply With Quote