Session
Computer Science and Communication Engineering
Description
Protocols that govern wireless security WPA2/WPA have been proven much more secure in comparison to their predecessor WEP. However, the human factor jeopardizes the solidity of cryptography by implementing passwords consisting of programmatically predictable numerical structures such as 1234512345, 11114444, 999888777 and so on. This practice endangers the security of the WPA protocol in particular, as the locally stored WPA handshake can be attacked for an unlimited number of times using brute-force attacks. The methods presented in this paper are effective in decrypting such passwords within seconds using ordinary processor power. The prevalence of this vulnerable practice in the Prishtina (Kosovo) region is estimated to be 15.7% in 89 tested wireless routers. Under this study such types of passwords are termed and referred to as Numerical Repetitive Sequences or NRS. The paper defines NRS mathematically, identifies NRS types, composes formulas for calculating variations, presents algorithms to generate NRS, and proposes tools to implement attacks. The methods documented in this study should only be used for educational purposes.
Keywords:
wireless security mathematical sequences algorithm handshake attack
Session Chair
Xhafer Krasniqi
Session Co-Chair
Driart Elshani
Proceedings Editor
Edmond Hajrizi
ISBN
978-9951-550-19-2
First Page
52
Last Page
59
Location
Pristina, Kosovo
Start Date
26-10-2019 3:30 PM
End Date
26-10-2019 5:00 PM
DOI
10.33107/ubt-ic.2019.281
Recommended Citation
Kelmendi, Genc and Hajrizi, Edmond, "Vulnerability of passwords consisting of Numerical Repetitive Sequences in the WPA2 protocol" (2019). UBT International Conference. 281.
https://knowledgecenter.ubt-uni.net/conference/2019/events/281
Included in
Vulnerability of passwords consisting of Numerical Repetitive Sequences in the WPA2 protocol
Pristina, Kosovo
Protocols that govern wireless security WPA2/WPA have been proven much more secure in comparison to their predecessor WEP. However, the human factor jeopardizes the solidity of cryptography by implementing passwords consisting of programmatically predictable numerical structures such as 1234512345, 11114444, 999888777 and so on. This practice endangers the security of the WPA protocol in particular, as the locally stored WPA handshake can be attacked for an unlimited number of times using brute-force attacks. The methods presented in this paper are effective in decrypting such passwords within seconds using ordinary processor power. The prevalence of this vulnerable practice in the Prishtina (Kosovo) region is estimated to be 15.7% in 89 tested wireless routers. Under this study such types of passwords are termed and referred to as Numerical Repetitive Sequences or NRS. The paper defines NRS mathematically, identifies NRS types, composes formulas for calculating variations, presents algorithms to generate NRS, and proposes tools to implement attacks. The methods documented in this study should only be used for educational purposes.