Paper 2016/547
Efficient High-Speed WPA2 Brute Force Attacks using Scalable Low-Cost FPGA Clustering
Markus Kammerstetter, Markus Muellner, Daniel Burian, Christian Kudera, and Wolfgang Kastner
Abstract
WPA2-Personal is widely used to protect Wi-Fi networks against illicit access. While attackers typically use GPUs to speed up the discovery of weak network passwords, attacking random passwords is considered to quickly become infeasible with increasing password length. Professional attackers may thus turn to commercial high-end FPGA-based cluster solutions to significantly increase the speed of those attacks. Well known manufacturers such as Elcomsoft have succeeded in creating world's fastest commercial FPGA-based WPA2 password recovery system, but since they rely on high-performance FPGAs the costs of these systems are well beyond the reach of amateurs. In this paper, we present a highly optimized low-cost FPGA cluster-based WPA-2 Personal password recovery system that can not only achieve similar performance at a cost affordable by amateurs, but in comparison our implementation would also be more than $5$ times as fast on the original hardware. Since the currently fastest system is not only significantly slower but proprietary as well, we believe that we are the first to present the internals of a highly optimized and fully pipelined FPGA WPA2 password recovery system. In addition we evaluated our approach with respect to performance and power usage and compare it to GPU-based systems.
Metadata
- Available format(s)
- Publication info
- Published by the IACR in CHES 2016
- Keywords
- FPGAWPA2SecurityBrute ForceAttacks
- Contact author(s)
-
mk @ seclab tuwien ac at
k @ auto tuwien ac at - History
- 2016-06-02: received
- Short URL
- https://ia.cr/2016/547
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2016/547, author = {Markus Kammerstetter and Markus Muellner and Daniel Burian and Christian Kudera and Wolfgang Kastner}, title = {Efficient High-Speed {WPA2} Brute Force Attacks using Scalable Low-Cost {FPGA} Clustering}, howpublished = {Cryptology {ePrint} Archive, Paper 2016/547}, year = {2016}, url = {https://eprint.iacr.org/2016/547} }