Home - General Discussion - WPA 3 !!!


11 Results - Page 1 of 1 -
1
Author Message
Avatar
ghsixd

Status: n/a
Joined: Tue, 15 Nov 2016
Posts: 155
Team:
Reputation: 231 Reputation
Offline
Tue, 09 Jan 2018 @ 10:31:13


omg :O

https://www.ghacks.net/2018/01/09/wi-fi-alliance-announces-wpa3/


+rep if i helped
BTC: 17danBChfUExT4UtQVxPsD96RowG5eExss

Avatar
roastage

Status: n/a
Joined: Tue, 19 Dec 2017
Posts: 2
Team:
Reputation: 0 Reputation
Offline
Tue, 09 Jan 2018 @ 12:43:59

Oh....That's a good thing, I like the idea of encryption between client and AP, saving the average user from themselves yet again...


Avatar
mkerr

Status: n/a
Joined: Sun, 03 Sep 2017
Posts: 371
Team:
Reputation: 308 Reputation
Offline
Tue, 09 Jan 2018 @ 13:14:36

Yes, the Wi-Fi Alliance have been working on WPA3 for some time and are fully
aware of all the ways that WPA2 has been compromised

Offline brute force will be impossible in WPA3
Things will be much quieter here and gpuhash.me will need a new business model

Guess WPA/WPA2 will still be around for a little while yet, but WPA2 will eventually
be as rare as WEP today


Avatar
gpuhash_me

Status: Cracker
Joined: Sun, 08 Nov 2015
Posts: 439
Team: gpuhash team
Reputation: 840 Reputation
Offline
Tue, 09 Jan 2018 @ 14:06:57

mkerr said:


Offline brute force will be impossible in WPA3

Really? As I can see they only mentioned online brute force protection. Have good feeling they leave all this PSK shit but only change encryption scheme to protect from KRACK attack.
Need to get draft first anyway. Actually these guys may easily add new vulnerabilities


GPUHASH.me team official representative
Support, discounts, free offers for forum members

Avatar
mkerr

Status: n/a
Joined: Sun, 03 Sep 2017
Posts: 371
Team:
Reputation: 308 Reputation
Offline
Tue, 09 Jan 2018 @ 14:51:34

gpuhash_me said:

mkerr said:


Offline brute force will be impossible in WPA3

Really? As I can see they only mentioned online brute force protection. Have good feeling they leave all this PSK shit but only change encryption scheme to protect from KRACK attack.
Need to get draft first anyway. Actually these guys may easily add new vulnerabilities

It is not mentioned in the initial press release, but the proposed handshake for WPA3 is
based on SAE (Simultaneous Authentication of Equals) as already defined for 802.11s (mesh)

The handshake includes a Diffie-Hellman exchange to generate a key component that
cannot be discovered from a handshake capture. This means that any session sub-keys
cannot be determined to attempt to replicate a MIC, for example

Hence, offline dictionary or brute force attacks will no longer be possible


Avatar
longt

Status: n/a
Joined: Mon, 04 Apr 2016
Posts: 124
Team:
Reputation: 33 Reputation
Offline
Tue, 09 Jan 2018 @ 19:09:17

https://www.krackattacks.com


99% of bitcoin/crypto wallet cracking requests are posted by dreamers ~

Avatar
roastage

Status: n/a
Joined: Tue, 19 Dec 2017
Posts: 2
Team:
Reputation: 0 Reputation
Offline
Thu, 11 Jan 2018 @ 14:54:39

Mind you there are some very gifted people out there who will search and find vulnerabilities none the less. So who knows what may be possible, closing one door could mean they leave another open. But that's why we look for vulnerabilities to make things more secure!!


Avatar
mkerr

Status: n/a
Joined: Sun, 03 Sep 2017
Posts: 371
Team:
Reputation: 308 Reputation
Offline
Thu, 11 Jan 2018 @ 16:05:23

roastage said:

But that's why we look for vulnerabilities to make things more secure!!

Indeed, but I have my doubts that the hoards of "security researchers" that keep posting
here with their "please help wpa2" are going to be making any breakthroughs


Avatar
gpuhash_me

Status: Cracker
Joined: Sun, 08 Nov 2015
Posts: 439
Team: gpuhash team
Reputation: 840 Reputation
Offline
Thu, 11 Jan 2018 @ 16:38:08

By the way interesting stats. WPA became available in 2003 (WPA2 in 2004) because was known vulnerability in WEP (by design).
But according to https://wigle.net/stats were ~25% of WEP protected networks in 2012 (22% in 2013 - 10 years passed)


GPUHASH.me team official representative
Support, discounts, free offers for forum members

Avatar
mkerr

Status: n/a
Joined: Sun, 03 Sep 2017
Posts: 371
Team:
Reputation: 308 Reputation
Offline
Thu, 11 Jan 2018 @ 17:01:02

gpuhash_me said:

By the way interesting stats. WPA became available in 2003 (WPA2 in 2004) because was known vulnerability in WEP (by design).
But according to https://wigle.net/stats were ~25% of WEP protected networks in 2012 (22% in 2013 - 10 years passed)

Yes, WPA2 will be around for a long while yet and may well follow the same kind of curve
Certainly quite possible there will be a similar residue of ~20% legacy WPA2 in 10 years

It also looks like the WiFi-Alliance are tightening WPA2 compliance from 2018 for new devices

Support for Protected Management Frames (802.11w) becomes mandatory and possibly an
increase in minimum passphrase length from 8 to 12?

That may make deauth attack and cracking a little more difficult on any new WPA2 routers
in the meantime


Avatar
payknight

Status: Cracker
Joined: Wed, 13 Apr 2016
Posts: 332
Team: just4fun
Reputation: 146 Reputation
Online
Fri, 12 Jan 2018 @ 17:36:10

u should also remmber that device on both side as to support it.

phone/tablet/pcs and routers etc..


+rep if i helped
BTC : 1PAyKniGHt7yyCb8HdsziTHBEFX6zkGSHz


11 Results - Page 1 of 1 -
1

We have a total of 151566 messages in 18770 topics.
We have a total of 17897 registered users.
Our newest registered member is ziadeh.