Well, there seems to be a mix up here: we are discussing AES (Rijndael) not DES :)
> Of course brute force will work. DES is fairly non-intensive, as far as > encryptions go. Moreover, using FPGAs to build dedicated DES cracking > machines is both feasible and relatively cheap. And, it has been done. The > latest iteration of the COPACOBANA does its business in the span of one > single day. This machine was built in 2006 and cost $10000 at the time. I > would not be surprised if the cost today would be less than one tenth of > that. Moreover, the maximum WPA key length is 64 characters, which is > pathetic, especially when restricted to the ASCII keymap. > > There already exists cloud services for DES cracking :) and it's not that > expensive, either. I don't think trusting the cloud service in question is > much of an issue: a key is useless unless you know where it fits. Also, if > you submit a DES key, chances are you are the attacker and that you > couldn't care less about any breaches in security your adversary might > experience ;) > > On 31 July 2012 14:03, <[email protected]> wrote: > >> :) Brute Force using that approach will never work; you could try >> exploiting weaknesses in mathematical implementations of the algorithm >> by >> programmers and mathematical weaknesses in the hardware. >> >> The cloud is a good thing , and makes business sense (though it may not >> be >> so, with the Patent Department): imagine how many under utilized servers >> out there yet they pay licenses, support fees, admin personnel, utility >> bills, etc (on some OSs, just running one server machine as an >> authentication server, can give you authentication capability for more >> than 25,000 users; now imagine how many under utilized database servers, >> email servers, etc out there). A cloud solution lowers your TCO and >> gives >> you better ROI. :) >> >> Of course, the IT department is not impressed by the above, because they >> need to access the hardware (and also want to control the IT budget), >> besides they don't trust the guys in the cloud, yet they are the same >> guys >> who trust facebook, google, the ISPs, the Telcos, the banks, etc :) >> >> >> >> > Well, I would of course use a cloud service for that :P either that, >> or >> > one >> > of the clusters at our university. >> > >> > On 31 July 2012 13:30, <[email protected]> wrote: >> > >> >> :) Ah, cracking AES 256 and "higher", don't think you have those >> >> resources; probably thats for departments with serious scary budget >> >> figures. >> >> >> >> Well, for the case of WEP, when a paper detailing its weaknesses was >> >> submitted to the internet community, they brushed it off saying what >> it >> >> detailed was only theoretical and could never occur in practice, yet >> >> when >> >> WEP was finally broken; the media reported it as an off the shelf >> hack >> >> activity. :) >> >> >> >> >> >> > Well, hum. :P >> >> > >> >> > I wonder how long it'll take until all the WPA2 Enterprise networks >> >> have >> >> > been secured. Why do I have to be in the middle of twenty-years-ago >> >> state >> >> > * >> >> > now*? I want to be home and do some rampant WPA2E cracking! >> >> > >> >> > On 31 July 2012 12:52, <[email protected]> >> wrote: >> >> > >> >> >> Does your MS interpretation sound like >> >> >> the x-400 e mail format or the seven layer OSI standard? :) >> >> >> >> >> >> >> >> >> > What do you mean "despite"? :P I've regularly been using my own >> VPN >> >> >> since >> >> >> > 2007 when I had to start using a PPTP connection regularly. "MS" >> >> >> > translates >> >> >> > to "closed, flawed, and eventually defeated" in my book. >> >> >> > >> >> >> > On 31 July 2012 12:27, <[email protected]> >> >> wrote: >> >> >> > >> >> >> >> :) But PPTP has always had its issues despite its being from >> MS, >> >> L2F >> >> >> >> from >> >> >> >> the other vendor, the same case, L2TP an attempt to combine the >> >> above >> >> >> >> two >> >> >> >> also is good when run with IPSec doing the encryption, yet >> IPSec >> >> also >> >> >> >> has >> >> >> >> its own issues. >> >> >> >> >> >> >> >> Maybe SSL can do, save for its reliance on the PKI..... and >> some >> >> >> >> restrictions on key usage... >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > Well, at least PPTP with MS-CHAPv2 authentication is. >> >> >> >> > >> >> >> >> > >> >> >> >> >> >> >> >> >> >> http://www.cso.com.au/article/432039/tools_released_defcon_can_crack_widely_used_pptp_encryption_under_day/ >> >> >> >> > >> >> >> >> > I can't say I'm very surprised. I've always done all my >> business >> >> >> >> through >> >> >> >> a >> >> >> >> > (better) VPN when on such a network, simply because the "MS" >> in >> >> >> >> > "MS-CHAPv2" >> >> >> >> > always made me nervous. >> >> >> >> > _______________________________________________ >> >> >> >> > The Uganda Linux User Group: http://linux.or.ug >> >> >> >> > >> >> >> >> > Send messages to this mailing list by addressing e-mails to: >> >> >> >> > [email protected] >> >> >> >> > Mailing list archives: >> >> http://www.mail-archive.com/[email protected]/ >> >> >> >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> >> > To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> > >> >> >> >> > The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> >> >> > http://www.infocom.co.ug/ >> >> >> >> > >> >> >> >> > The above comments and data are owned by whoever posted them >> >> >> >> (including >> >> >> >> > attachments if any). The mailing list host is not responsible >> >> for >> >> >> them >> >> >> >> in >> >> >> >> > any way. >> >> >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> >> >> The Uganda Linux User Group: http://linux.or.ug >> >> >> >> >> >> >> >> Send messages to this mailing list by addressing e-mails to: >> >> >> >> [email protected] >> >> >> >> Mailing list archives: >> >> http://www.mail-archive.com/[email protected]/ >> >> >> >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> >> To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> >> >> >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> >> >> http://www.infocom.co.ug/ >> >> >> >> >> >> >> >> The above comments and data are owned by whoever posted them >> >> >> (including >> >> >> >> attachments if any). The mailing list host is not responsible >> for >> >> >> them >> >> >> >> in >> >> >> >> any way. >> >> >> >> >> >> >> > _______________________________________________ >> >> >> > The Uganda Linux User Group: http://linux.or.ug >> >> >> > >> >> >> > Send messages to this mailing list by addressing e-mails to: >> >> >> > [email protected] >> >> >> > Mailing list archives: >> http://www.mail-archive.com/[email protected]/ >> >> >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> > To unsubscribe: http://kym.net/mailman/options/lug >> >> >> > >> >> >> > The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> >> > http://www.infocom.co.ug/ >> >> >> > >> >> >> > The above comments and data are owned by whoever posted them >> >> >> (including >> >> >> > attachments if any). The mailing list host is not responsible >> for >> >> them >> >> >> in >> >> >> > any way. >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> >> The Uganda Linux User Group: http://linux.or.ug >> >> >> >> >> >> Send messages to this mailing list by addressing e-mails to: >> >> >> [email protected] >> >> >> Mailing list archives: >> http://www.mail-archive.com/[email protected]/ >> >> >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> >> http://www.infocom.co.ug/ >> >> >> >> >> >> The above comments and data are owned by whoever posted them >> >> (including >> >> >> attachments if any). The mailing list host is not responsible for >> >> them >> >> >> in >> >> >> any way. >> >> >> >> >> > _______________________________________________ >> >> > The Uganda Linux User Group: http://linux.or.ug >> >> > >> >> > Send messages to this mailing list by addressing e-mails to: >> >> > [email protected] >> >> > Mailing list archives: http://www.mail-archive.com/[email protected]/ >> >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> > To unsubscribe: http://kym.net/mailman/options/lug >> >> > >> >> > The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> > http://www.infocom.co.ug/ >> >> > >> >> > The above comments and data are owned by whoever posted them >> >> (including >> >> > attachments if any). The mailing list host is not responsible for >> them >> >> in >> >> > any way. >> >> >> >> >> >> _______________________________________________ >> >> The Uganda Linux User Group: http://linux.or.ug >> >> >> >> Send messages to this mailing list by addressing e-mails to: >> >> [email protected] >> >> Mailing list archives: http://www.mail-archive.com/[email protected]/ >> >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> http://www.infocom.co.ug/ >> >> >> >> The above comments and data are owned by whoever posted them >> (including >> >> attachments if any). The mailing list host is not responsible for >> them >> >> in >> >> any way. >> >> >> > _______________________________________________ >> > The Uganda Linux User Group: http://linux.or.ug >> > >> > Send messages to this mailing list by addressing e-mails to: >> > [email protected] >> > Mailing list archives: http://www.mail-archive.com/[email protected]/ >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> > To unsubscribe: http://kym.net/mailman/options/lug >> > >> > The Uganda LUG mailing list is generously hosted by INFOCOM: >> > http://www.infocom.co.ug/ >> > >> > The above comments and data are owned by whoever posted them >> (including >> > attachments if any). The mailing list host is not responsible for them >> in >> > any way. >> >> >> _______________________________________________ >> The Uganda Linux User Group: http://linux.or.ug >> >> Send messages to this mailing list by addressing e-mails to: >> [email protected] >> Mailing list archives: http://www.mail-archive.com/[email protected]/ >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> To unsubscribe: http://kym.net/mailman/options/lug >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> http://www.infocom.co.ug/ >> >> The above comments and data are owned by whoever posted them (including >> attachments if any). The mailing list host is not responsible for them >> in >> any way. >> > _______________________________________________ > The Uganda Linux User Group: http://linux.or.ug > > Send messages to this mailing list by addressing e-mails to: > [email protected] > Mailing list archives: http://www.mail-archive.com/[email protected]/ > Mailing list settings: http://kym.net/mailman/listinfo/lug > To unsubscribe: http://kym.net/mailman/options/lug > > The Uganda LUG mailing list is generously hosted by INFOCOM: > http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The mailing list host is not responsible for them in > any way. _______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
