running Linux on odd devices is SOOO COOL!

[Kurt Granroth]

On 11/15/09 12:53 PM, Lisa Kachold wrote:
>     I guess I still disagree with your use of the word 'broken'.  By that
>     definition, gpg is 'broken' as well as *any* encryption system that uses
>     passwords.  Just because because you can brute force a crack doesn't
>     mean that the protocol broken.
>
>     And as far as 'eventually' goes... according to the people at
>     ElectricalAlchemy, a 12 character random password would take 28 TRILLION
>     hours of computing power (defined as 'high-CPU on Amazon EC2').  Let's
>     say that you can wrangle up 10,000 systems to work on this
>     simultaneously.  It would still take over 300,000 YEARS to brute
>     force it.
>
>
> Actually no; it would with current CUDA NVidia and faster processor
> techniques take at most 60 days.
>
> http://pyrit.wordpress.com/the-twilight-of-wi-fi-protected-access/
>
> Let's imagine I drive over to a well known corporation with WiFi (or
> target you and your networks); I can obtain sufficient information in
> less than 5 minutes; take it home and start the work.  Once I get the
> Pairwise Master Key - additional auth (captured in the stream) is trivial.

Thanks for the links to Pyrit; I hadn't heard of that project before. 
Very interesting stuff!

So in addition to using GPUs and multi-core systems, they also 
apparently are creating something like rainbow tables for common network 
names.  Clever.

BUT.. I'm still not seeing where you are getting the 'at most 60 days' 
figure.  The only figures that that blog entry talks about refers to 8 
char passwords with common network names.

That's not at all what I'm dealing with, here.  Since the Pairwise 
Master Key is constructed of the network name PLUS the password, in 
reality, the true password that needs brute-forcing is the combination 
of both if the network name isn't common.  In my case, I have my 20-odd 
char password plus nearly 15 char (very non-common) network name. 
That's equivalent to a 35 char randomized full-ASCII set password!  I 
have serious doubts that such a password could be brute forced in 60 
days, even with a cloud of GPUs.

If I'm wrong, please tell me specifically where I'm wrong.  I truly want 
to know.  But everything I've read, so far, all seems to indicate that I 
am, in fact, as safe as I thought I was.

>     I feel pretty safe with a protocol that would require long than the age
>     of the universe to crack!  I would NOT consider that broken :-)
>
>
> Well, evidently you are stuck in the security matrix; feels all good and
> safe in that denial?  I would challenge you to a real live test with
> your current configuration, but that work is (or was) really in your
> realm to complete right after installation; and I only pentest/crack
> with a fully signed contract or for demonstrations at PLUG HackFests for
> ITT and DeVry students at the John C. Lincoln Cowden Center.
>
> Happy wireless network sharing with smart kiddies running Backtrack4 USB
> on their NVidia gamer machines, Kurt!

If it's denial, then please let me know what I'm denying!  I've read 
everything you've provided and NOTHING in all of that is giving me any 
reason to think that my setup is any less secure than I thought at the 
outset of this discussion.

Also, FWIW, I'm not a sys-admin so this network is just my home wireless 
LAN.

> Radius is actually very trivial to run on Linux, and if you want to be
> really secure, it's especially easy to implement via SSO with sLDAP to a
> shared intregration of Active Directory (where the Microsoft desktop
> staff maintain the users).

Yep.  That's what we use at work.  It would be irresponsible for any 
company to NOT use Radius given its advantages.