WiFicalypse continued

As announced some days ago in Hashcat forum a new method was found to crack WPAv1 / WPAv2 Pre-shared keys. The method speeds up the time to crack WPAv1 / WPVA2 Pre-sharded keys because an attcker does not need to wait for network traffic and the four-way handshake process (EAPOL - Extensible Authentication Protocol over LAN).

Cicso just announced some hours ago the Informational Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180809-wpa2 that their products are not affected due to the lack of PMKID (Pairwise master key identifier) support. However Cisco recommends:

When possible, migrate to 802.1x from any Wi-Fi authentication mechanism that uses a PSK. Cisco does not recommend using a PSK as an authentication mechanism, and its use should be relegated to specific compatibility scenarios

If migrating from a PSK to 802.1x is not possible, configure a strong PSK with a minimum length of 18 characters or more

See also some news article at The Register Security (english) and Heise Online Security (german).

Search my web site