WPA/WPA2 PSK Vulnerability

While researching potential vulnerabilities in the new WPA3 standard for WiFi security, a developer for Hashcat, Jens Steube, found a new way to crack WPA and WPA2 pre-shared keys.

The crux of the vulnerability is in the RSN IE field. This is an optional field of 802.11 frames that is based on a hash of the PSK. Jens created a workflow for taking a single 802.11 frame, extract the RSN PMKID value and then use hashcat to generate a matching hash and thus determine the initial value (the PSK) for the hash.

Jens utilized four GeForce GTX 1080 GPUs to crack an eight character PSK in 52 seconds. More modest hardware could accomplish the same in 15 to 20 minutes. An especially insidious repercussion for this vulnerability is caused by the lack of forward secrecy in WAP or WPA2: If an attacker already has packets from a particular network, they can use this workflow to crack the PSK and unlock previously obtained packets using the same PSK. Obviously this allows an attacker to crack future packets as well.

At this time, the full extent of the vulnerability isn’t entirely known. This has the potential to affect any wireless access point or router that supports 802.11i/p/q/r. There are two main methods to protect against this attack, PSK complexity and regular PSK changes. Long, complex PSKs could increase the time it takes to crack the PSK, but GPUs capable of incredibly high hash rates are easy to come across. Changing PSKs frequently can also mitigate the harm as the attacker would have to obtain the new RSN IE for each change.