WiFicalypse continued

Table of contents

  1. Crack of WPAv1 / WPAv2 Pre-shared keys
  2. Cisco Security Advisory
  3. News articles

Crack of WPAv1 / WPAv2 Pre-shared keys

As announced some days ago in Hashcat forum a new method was found to crack WPAv1 / WPAv2 Pre-shared keys. The method speeds up the time to crack WPAv1 / WPVA2 Pre-sharded keys because an attcker does not need to wait for network traffic and the four-way handshake process (EAPOL - Extensible Authentication Protocol over LAN).

Cisco Security Advisory

Cicso just announced some hours ago the Informational Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180809-wpa2 that their products are not affected due to the lack of PMKID (Pairwise master key identifier) support.

However Cisco recommends:

    When possible, migrate to 802.1x from any Wi-Fi authentication mechanism that
    uses a PSK. Cisco does not recommend using a PSK as an authentication mechanism,
    and its use should be relegated to specific compatibility scenarios

    If migrating from a PSK to 802.1x is not possible, configure a strong PSK with
    a minimum length of 18 characters or more

News articles

See also some news article at The Register Security (english) and Heise Online Security (german).