Defcon Day 1: Church of Wifi
Thursday, August 9, 2007
Defcon started for me with a presentation from the Church of Wifi. This is the first time I've ever been exposed to the persons behind CoWF but they were very interesting to say the least.
They went over a ton of projects: The Traveling Terabyte, portable file servers, Rolling Thunder (a car-mounted file server), a special CoWF Linux distribution, and last and probably most importantly, the new WPA Rainbow Tables.
Rainbow Tables
For those of us who don't know, rainbow tables offer a time-memory trade-off used to recover a plaintext password from a password hash. In plain terms, you spend the time computing the hashes once, up front, and store the results so that cracking later is a lookup instead of a computation. (Strictly speaking, the CoWPAtty tables are precomputed lookup tables holding every hash rather than true rainbow chains, but the trade-off is the same.) There is a catch, though, when building such a table for WPA.
How WPA Hashes Work
WPA is the new security standard, and at the moment there is no known shortcut to attacking WPA-PSK other than guessing the passphrase. The key is not a simple hash of the passphrase. It is derived with PBKDF2 (Password-Based Key Derivation Function 2): the passphrase is fed through HMAC-SHA1 with the ESSID of the wireless network as the salt, and that step is iterated 4096 times to produce the 256-bit Pairwise Master Key (PMK). The salt means the same passphrase yields a different key on every differently named network, and the iteration count makes every guess expensive; both exist specifically to frustrate rainbow tables and dictionary attacks. One further caveat: the PMK itself never goes over the air, so a candidate key from a table still has to be checked against a captured four-way handshake. But that hasn't stopped CoWF.
WPA Rainbow Tables V1: CoWPAtty Lookup Tables
Last year, apparently, CoWF released the much-praised WPA Rainbow Tables, which came in at just over 7GB: perfect for a dual-layer DVD. The problem was that because of how WPA derives its keys, as explained above, the tables were not as easy to build as a table for a plain unsalted hash. If two networks with different SSIDs choose the same passphrase, they do not end up with the same key value, so the table has to map each SSID AND passphrase pair to its key, not just each passphrase. Seen that way, 7GB is really not very large: for every SSID, and for every dictionary word, you need a stored key and the passphrase it corresponds to. The first version covered 172,000 words for the top 1,000 SSIDs.
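To make the salting problem concrete, here is a small added example (my own code, not CoWF's genpmk or anything from the original post) that derives WPA-PSK keys exactly the way 802.11i specifies and builds a miniature lookup table keyed by SSID and passphrase. The SSIDs and the four-word "dictionary" are constructed for the demo, and the lookup compares keys directly for illustration; a real attack checks each candidate key against the captured four-way handshake instead. The size estimate is a lower bound that counts only the 32-byte keys.

```python
import hashlib
from itertools import product

# Constructed sample inputs for this example (not from the post or from CoWF's lists):
# a few common SSIDs and a tiny "dictionary" of candidate passphrases.
SSIDS = ["linksys", "NETGEAR", "default"]
WORDLIST = ["password", "12345678", "letmein1", "linksys1"]


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA-PSK Pairwise Master Key as 802.11i specifies:
    PBKDF2 with HMAC-SHA1, the SSID as the salt, 4096 iterations, 32-byte output."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), 4096, 32)


def build_pmk_table(ssids, words):
    """Precompute the PMK for every (SSID, passphrase) pair.

    This is the expensive step the CoWPAtty tables do once, up front. Because the
    SSID is the salt, the table needs one entry per SSID per word, not one per word."""
    return {(ssid, word): wpa_pmk(word, ssid) for ssid, word in product(ssids, words)}


def lookup_passphrase(table, ssid, target_pmk):
    """Recover the passphrase for a given SSID from a precomputed table.

    Illustrative only: in a real attack the candidate PMK is not compared directly
    but used to derive the PTK and verify the MIC of a captured four-way handshake."""
    for (s, word), pmk in table.items():
        if s == ssid and pmk == target_pmk:
            return word
    return None


def estimate_table_bytes(num_ssids, num_words, bytes_per_entry=32):
    """Lower bound on table size: one 32-byte PMK per (SSID, word) pair.

    Assumption: the real files also store the passphrase beside each key, which is
    why the post's ~7GB for 1,000 SSIDs x 172,000 words exceeds this figure."""
    return num_ssids * num_words * bytes_per_entry


if __name__ == "__main__":
    # The salt in action: same passphrase, different SSID, different key.
    for ssid in SSIDS:
        print(f"{ssid:8s} 'password' -> {wpa_pmk('password', ssid).hex()[:16]}...")

    table = build_pmk_table(SSIDS, WORDLIST)
    print(f"table entries: {len(table)} (= {len(SSIDS)} SSIDs x {len(WORDLIST)} words)")

    # Pretend we have the victim's key and recover the passphrase by lookup.
    victim = wpa_pmk("letmein1", "NETGEAR")
    print("recovered on NETGEAR:", lookup_passphrase(table, "NETGEAR", victim))
    # The same key is useless against a network with a different name.
    print("recovered on linksys:", lookup_passphrase(table, "linksys", victim))

    print("first CoWF table, keys only:", estimate_table_bytes(1000, 172_000) / 1e9, "GB")
```

Run it and note that the "linksys" lookup fails even though the victim's passphrase is in the dictionary: that is the whole reason the tables have to be built per SSID. The 4096 iterations are also why the precomputation matters; each candidate costs thousands of HMAC operations whether you do it at crack time or ahead of it.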
WPA Rainbow Tables V2: Uber CoWPAtty Lookup Tables
This year they released the newest WPA rainbow tables. So what's different? Instead of the 172,000-word dictionary used before, they employed a trimmed list of 1,000,000 words, with contributions from the group and from Kevin Mitnick. Rather than relying on dictionary words alone, they harvested actual passwords from Google to capture the passwords people most commonly use: of the 4 million real passwords found, 1 million went into the list. The result? An almost 40GB table of the most common SSIDs against the most common passwords.
What's next for CoWPAtty?
So 40GB is big, but they were actually considering 2 million words. They held back to keep alive the idea of a live distribution that boots from a USB hard drive and automatically starts cracking against the tables. That will be very interesting to see.
Render
Render, the self-proclaimed "mouthpiece" of the CoWF, went on to discuss other interesting topics: how the new 802.11i specification includes a DoS condition built into the protocol, a call for more cheap, open Bluetooth capture tools, and a really simple but cool way to defend against wireless attacks.
Defending WEP and Talking to Each Other
One of the topics Render talked about was how tools like aircrack-ptw let anyone out there crack WEP in a matter of minutes. He pointed out that aircrack, whichever version, does not verify the packets coming in. His point was that if an access point were to send fake packets to muck up the cracking process, cracking would become much harder. Interesting as this was, two other groups had already come up with the same idea, and none of them knew about the others.
His point, more than showing a possible defense against wireless attacks, was that groups need to communicate more. He talked about how we as a community need to share discoveries and information more openly.
Conclusions
Church of Wifi was a great way to start off Defcon for me. The packed room showed how everyone was interested in the subject and it was a cool way of learning about all the projects that the Church of Wifi had been working on throughout the year.
External Links
http://www.churchofwifi.org/ - Church of Wifi Website
http://en.wikipedia.org/wiki/PBKDF2 - a link to a deeper explanation of how WPA derives keys from passphrases
http://www.churchofwifi.org/FileLib_Index.asp?FID=30&LibName=Uber%20Wifi%20tables% - link to the SSID's and passwords used to create the CoWPAtty Uber Rainbow Tables
Labels: Church of Wifi, CoWF, Defcon, Render, Uber CoWPAtty, WPA rainbow tables