Google Groups Home
Help | Sign in
sci.crypt
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
WPA2-PSK safty despite PSK compromise
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   7 messages - Collapse all
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
Thorsten Tarrach  
View profile
  More options Jul 16, 10:57 am
Newsgroups: sci.crypt
From: "Thorsten Tarrach" <tho_pub...@gmx.de>
Date: Wed, 16 Jul 2008 16:57:01 +0200
Local: Wed, Jul 16 2008 10:57 am
Subject: WPA2-PSK safty despite PSK compromise
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Hi,

I'm wondering about WPA2 safety in the scenario of a compromised preshared
key (PSK).
I'm aware that the protocol is safe by today's knowledge if they key is kept
secure.
But what if I share the key with another person to enable that person to use
my AP. Will that break confidentiality of my communication with the AP?
The AES encryption key is derived from the PSK in some form of handshake. I
want to know now if someone else can obtain that key by capturing the
handshake and knowing the PSK?

Thanks, Thorsten


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Carsten Krueger  
View profile
  More options Jul 16, 2:09 pm
Newsgroups: sci.crypt
From: Carsten Krueger <cakru...@invalid.invalid>
Date: Wed, 16 Jul 2008 20:09:02 +0200
Local: Wed, Jul 16 2008 2:09 pm
Subject: Re: WPA2-PSK safty despite PSK compromise
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Am Wed, 16 Jul 2008 16:57:01 +0200 schrieb Thorsten Tarrach:

> Will that break confidentiality of my communication with the AP?

Yes, because he can do a man in the middle attack

greetings
Carsten
--
ID = 0x2BFBF5D8 FP = 53CA 1609 B00A D2DB A066  314C 6493 69AB 2BFB F5D8
http://www.realname-diskussion.info - Realnames sind keine Pflicht
http://www.spamgourmet.com/ + http://www.temporaryinbox.com/ - Antispam
cakruege (at) gmail (dot) com | http://www.geocities.com/mungfaq/


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Thorsten Tarrach  
View profile
  More options Jul 17, 3:56 am
Newsgroups: sci.crypt
From: "Thorsten Tarrach" <tho_pub...@gmx.de>
Date: Thu, 17 Jul 2008 09:56:47 +0200
Local: Thurs, Jul 17 2008 3:56 am
Subject: Re: WPA2-PSK safty despite PSK compromise
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Hi Carsten,

I agree that a man in the middle attack (probably ARP poisoning) would be
feasible but to sustain it over long periods unnoticed would be difficult.
So what about the case of a silent listener?

Thanks, Thorsten

"Carsten Krueger" <cakru...@invalid.invalid> wrote in message

news:945u0oramtk8$.dlg@cakruege.my-fqdn.de...


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Carsten Krueger  
View profile
  More options Jul 17, 1:04 pm
Newsgroups: sci.crypt
From: Carsten Krueger <cakru...@invalid.invalid>
Date: Thu, 17 Jul 2008 19:04:55 +0200
Local: Thurs, Jul 17 2008 1:04 pm
Subject: Re: WPA2-PSK safty despite PSK compromise
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Am Thu, 17 Jul 2008 09:56:47 +0200 schrieb Thorsten Tarrach:

> So what about the case of a silent listener?

can sniff, too

wpa-buddy or aircrack-ng (airdecap)

greetings
Carsten
--
ID = 0x2BFBF5D8 FP = 53CA 1609 B00A D2DB A066  314C 6493 69AB 2BFB F5D8
http://www.realname-diskussion.info - Realnames sind keine Pflicht
http://www.spamgourmet.com/ + http://www.temporaryinbox.com/ - Antispam
cakruege (at) gmail (dot) com | http://www.geocities.com/mungfaq/


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Dale Harris  
View profile
  More options Jul 18, 8:01 am
Newsgroups: sci.crypt
From: "Dale Harris" <nos...@harriscorp.com>
Date: Fri, 18 Jul 2008 14:01:23 +0200
Local: Fri, Jul 18 2008 8:01 am
Subject: Re: WPA2-PSK safty despite PSK compromise
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author

"Thorsten Tarrach" <tho_pub...@gmx.de> wrote in message

news:487e0c3f$0$23894$8a7afdce@news4.usenet4u.nl...

> Hi,

> I'm wondering about WPA2 safety in the scenario of a compromised preshared
> key (PSK).
> I'm aware that the protocol is safe by today's knowledge if they key is
> kept
> secure.
> But what if I share the key with another person to enable that person to
> use
> my AP. Will that break confidentiality of my communication with the AP?
> The AES encryption key is derived from the PSK in some form of handshake.
> I
> want to know now if someone else can obtain that key by capturing the
> handshake and knowing the PSK?

If the key is compromised than you cannot expect any security. Cryptology is
all about keys.

** Posted from http://www.teranews.com **


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Carsten Krueger  
View profile
  More options Jul 18, 6:34 pm
Newsgroups: sci.crypt
From: Carsten Krueger <cakru...@invalid.invalid>
Date: Sat, 19 Jul 2008 00:34:51 +0200
Local: Fri, Jul 18 2008 6:34 pm
Subject: Re: WPA2-PSK safty despite PSK compromise
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Am Fri, 18 Jul 2008 14:01:23 +0200 schrieb Dale Harris:

> If the key is compromised than you cannot expect any security. Cryptology is
> all about keys.

http://en.wikipedia.org/wiki/Perfect_forward_secrecy

but WPA2 didn't implement this

greetings
Carsten
--
ID = 0x2BFBF5D8 FP = 53CA 1609 B00A D2DB A066  314C 6493 69AB 2BFB F5D8
http://www.realname-diskussion.info - Realnames sind keine Pflicht
http://www.spamgourmet.com/ + http://www.temporaryinbox.com/ - Antispam
cakruege (at) gmail (dot) com | http://www.geocities.com/mungfaq/


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Thorsten Tarrach  
View profile
  More options Jul 23, 6:19 pm
Newsgroups: sci.crypt
From: "Thorsten Tarrach" <tho_pub...@gmx.de>
Date: Thu, 24 Jul 2008 00:19:33 +0200
Local: Wed, Jul 23 2008 6:19 pm
Subject: Re: WPA2-PSK safty despite PSK compromise
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
"Carsten Krueger" <cakru...@invalid.invalid> wrote in message

news:smxz9qy52cbr.dlg@cakruege.my-fqdn.de...

> Am Fri, 18 Jul 2008 14:01:23 +0200 schrieb Dale Harris:

>> If the key is compromised than you cannot expect any security. Cryptology
>> is
>> all about keys.

> http://en.wikipedia.org/wiki/Perfect_forward_secrecy

> but WPA2 didn't implement this

That's what I would have expected. With Diffie-Hellman key exchange the AP
and station could derive a key without a passive adversary gaining access to
it.

    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2008 Google