Probably not so as far as security is concerned in low end markets, but in high end markets, the implementations can get really strict. :)
> Well, it seems as though I will not have to crack AES by itself, eh? :) > > On 31 July 2012 15:59, <[email protected]> wrote: > >> :) WPA2 is based on AES, but with the ability to evolve in case >> weaknesses >> in the algorithm are found. AES by itself is still strong and i don't >> think you can crack it. The implementation of AES in different gadgets >> is >> where the exploits come in. Also issues to do with using key lengths >> longer than "the gov't" can crack make it weak, i think. >> >> >> > Um, no. This thread is about WPA2E, right? I quote: >> > >> > ChapCrack can take captured network traffic that contains a MS-CHAPv2 >> >> network handshake (PPTP VPN or WPA2 Enterprise handshake) and reduce >> the >> >> handshake's security to a single DES (Data Encryption Standard) key. >> > >> > >> > On 31 July 2012 15:40, <[email protected]> wrote: >> > >> >> Well, there seems to be a mix up here: we are discussing AES >> (Rijndael) >> >> not DES :) >> >> >> >> >> >> > Of course brute force will work. DES is fairly non-intensive, as >> far >> >> as >> >> > encryptions go. Moreover, using FPGAs to build dedicated DES >> cracking >> >> > machines is both feasible and relatively cheap. And, it has been >> done. >> >> The >> >> > latest iteration of the COPACOBANA does its business in the span of >> >> one >> >> > single day. This machine was built in 2006 and cost $10000 at the >> >> time. I >> >> > would not be surprised if the cost today would be less than one >> tenth >> >> of >> >> > that. Moreover, the maximum WPA key length is 64 characters, which >> is >> >> > pathetic, especially when restricted to the ASCII keymap. >> >> > >> >> > There already exists cloud services for DES cracking :) and it's >> not >> >> that >> >> > expensive, either. I don't think trusting the cloud service in >> >> question >> >> is >> >> > much of an issue: a key is useless unless you know where it fits. >> >> Also, >> >> if >> >> > you submit a DES key, chances are you are the attacker and that you >> >> > couldn't care less about any breaches in security your adversary >> might >> >> > experience ;) >> >> > >> >> > On 31 July 2012 14:03, <[email protected]> >> wrote: >> >> > >> >> >> :) Brute Force using that approach will never work; you could try >> >> >> exploiting weaknesses in mathematical implementations of the >> >> algorithm >> >> >> by >> >> >> programmers and mathematical weaknesses in the hardware. >> >> >> >> >> >> The cloud is a good thing , and makes business sense (though it >> may >> >> not >> >> >> be >> >> >> so, with the Patent Department): imagine how many under utilized >> >> servers >> >> >> out there yet they pay licenses, support fees, admin personnel, >> >> utility >> >> >> bills, etc (on some OSs, just running one server machine as an >> >> >> authentication server, can give you authentication capability for >> >> more >> >> >> than 25,000 users; now imagine how many under utilized database >> >> servers, >> >> >> email servers, etc out there). A cloud solution lowers your TCO >> and >> >> >> gives >> >> >> you better ROI. :) >> >> >> >> >> >> Of course, the IT department is not impressed by the above, >> because >> >> they >> >> >> need to access the hardware (and also want to control the IT >> budget), >> >> >> besides they don't trust the guys in the cloud, yet they are the >> same >> >> >> guys >> >> >> who trust facebook, google, the ISPs, the Telcos, the banks, etc >> :) >> >> >> >> >> >> >> >> >> >> >> >> > Well, I would of course use a cloud service for that :P either >> >> that, >> >> >> or >> >> >> > one >> >> >> > of the clusters at our university. >> >> >> > >> >> >> > On 31 July 2012 13:30, <[email protected]> >> >> wrote: >> >> >> > >> >> >> >> :) Ah, cracking AES 256 and "higher", don't think you have >> those >> >> >> >> resources; probably thats for departments with serious scary >> >> budget >> >> >> >> figures. >> >> >> >> >> >> >> >> Well, for the case of WEP, when a paper detailing its >> weaknesses >> >> was >> >> >> >> submitted to the internet community, they brushed it off saying >> >> what >> >> >> it >> >> >> >> detailed was only theoretical and could never occur in >> practice, >> >> yet >> >> >> >> when >> >> >> >> WEP was finally broken; the media reported it as an off the >> shelf >> >> >> hack >> >> >> >> activity. :) >> >> >> >> >> >> >> >> >> >> >> >> > Well, hum. :P >> >> >> >> > >> >> >> >> > I wonder how long it'll take until all the WPA2 Enterprise >> >> networks >> >> >> >> have >> >> >> >> > been secured. Why do I have to be in the middle of >> >> twenty-years-ago >> >> >> >> state >> >> >> >> > * >> >> >> >> > now*? I want to be home and do some rampant WPA2E cracking! >> >> >> >> > >> >> >> >> > On 31 July 2012 12:52, <[email protected]> >> >> >> wrote: >> >> >> >> > >> >> >> >> >> Does your MS interpretation sound like >> >> >> >> >> the x-400 e mail format or the seven layer OSI standard? :) >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > What do you mean "despite"? :P I've regularly been using >> my >> >> own >> >> >> VPN >> >> >> >> >> since >> >> >> >> >> > 2007 when I had to start using a PPTP connection >> regularly. >> >> "MS" >> >> >> >> >> > translates >> >> >> >> >> > to "closed, flawed, and eventually defeated" in my book. >> >> >> >> >> > >> >> >> >> >> > On 31 July 2012 12:27, >> <[email protected] >> > >> >> >> >> wrote: >> >> >> >> >> > >> >> >> >> >> >> :) But PPTP has always had its issues despite its being >> from >> >> >> MS, >> >> >> >> L2F >> >> >> >> >> >> from >> >> >> >> >> >> the other vendor, the same case, L2TP an attempt to >> combine >> >> the >> >> >> >> above >> >> >> >> >> >> two >> >> >> >> >> >> also is good when run with IPSec doing the encryption, >> yet >> >> >> IPSec >> >> >> >> also >> >> >> >> >> >> has >> >> >> >> >> >> its own issues. >> >> >> >> >> >> >> >> >> >> >> >> Maybe SSL can do, save for its reliance on the PKI..... >> and >> >> >> some >> >> >> >> >> >> restrictions on key usage... >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > Well, at least PPTP with MS-CHAPv2 authentication is. >> >> >> >> >> >> > >> >> >> >> >> >> > >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> http://www.cso.com.au/article/432039/tools_released_defcon_can_crack_widely_used_pptp_encryption_under_day/ >> >> >> >> >> >> > >> >> >> >> >> >> > I can't say I'm very surprised. I've always done all my >> >> >> business >> >> >> >> >> >> through >> >> >> >> >> >> a >> >> >> >> >> >> > (better) VPN when on such a network, simply because the >> >> "MS" >> >> >> in >> >> >> >> >> >> > "MS-CHAPv2" >> >> >> >> >> >> > always made me nervous. >> >> >> >> >> >> > _______________________________________________ >> >> >> >> >> >> > The Uganda Linux User Group: http://linux.or.ug >> >> >> >> >> >> > >> >> >> >> >> >> > Send messages to this mailing list by addressing >> e-mails >> >> to: >> >> >> >> >> >> > [email protected] >> >> >> >> >> >> > Mailing list archives: >> >> >> >> http://www.mail-archive.com/[email protected]/ >> >> >> >> >> >> > Mailing list settings: >> http://kym.net/mailman/listinfo/lug >> >> >> >> >> >> > To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> >> >> > >> >> >> >> >> >> > The Uganda LUG mailing list is generously hosted by >> >> INFOCOM: >> >> >> >> >> >> > http://www.infocom.co.ug/ >> >> >> >> >> >> > >> >> >> >> >> >> > The above comments and data are owned by whoever posted >> >> them >> >> >> >> >> >> (including >> >> >> >> >> >> > attachments if any). The mailing list host is not >> >> responsible >> >> >> >> for >> >> >> >> >> them >> >> >> >> >> >> in >> >> >> >> >> >> > any way. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> >> >> >> >> The Uganda Linux User Group: http://linux.or.ug >> >> >> >> >> >> >> >> >> >> >> >> Send messages to this mailing list by addressing e-mails >> to: >> >> >> >> >> >> [email protected] >> >> >> >> >> >> Mailing list archives: >> >> >> >> http://www.mail-archive.com/[email protected]/ >> >> >> >> >> >> Mailing list settings: >> http://kym.net/mailman/listinfo/lug >> >> >> >> >> >> To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> >> >> >> >> >> >> >> >> The Uganda LUG mailing list is generously hosted by >> INFOCOM: >> >> >> >> >> >> http://www.infocom.co.ug/ >> >> >> >> >> >> >> >> >> >> >> >> The above comments and data are owned by whoever posted >> them >> >> >> >> >> (including >> >> >> >> >> >> attachments if any). The mailing list host is not >> >> responsible >> >> >> for >> >> >> >> >> them >> >> >> >> >> >> in >> >> >> >> >> >> any way. >> >> >> >> >> >> >> >> >> >> >> > _______________________________________________ >> >> >> >> >> > The Uganda Linux User Group: http://linux.or.ug >> >> >> >> >> > >> >> >> >> >> > Send messages to this mailing list by addressing e-mails >> to: >> >> >> >> >> > [email protected] >> >> >> >> >> > Mailing list archives: >> >> >> http://www.mail-archive.com/[email protected]/ >> >> >> >> >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> >> >> > To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> >> > >> >> >> >> >> > The Uganda LUG mailing list is generously hosted by >> INFOCOM: >> >> >> >> >> > http://www.infocom.co.ug/ >> >> >> >> >> > >> >> >> >> >> > The above comments and data are owned by whoever posted >> them >> >> >> >> >> (including >> >> >> >> >> > attachments if any). The mailing list host is not >> responsible >> >> >> for >> >> >> >> them >> >> >> >> >> in >> >> >> >> >> > any way. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> >> >> >> The Uganda Linux User Group: http://linux.or.ug >> >> >> >> >> >> >> >> >> >> Send messages to this mailing list by addressing e-mails to: >> >> >> >> >> [email protected] >> >> >> >> >> Mailing list archives: >> >> >> http://www.mail-archive.com/[email protected]/ >> >> >> >> >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> >> >> To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> >> >> >> >> >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> >> >> >> http://www.infocom.co.ug/ >> >> >> >> >> >> >> >> >> >> The above comments and data are owned by whoever posted them >> >> >> >> (including >> >> >> >> >> attachments if any). The mailing list host is not >> responsible >> >> for >> >> >> >> them >> >> >> >> >> in >> >> >> >> >> any way. >> >> >> >> >> >> >> >> >> > _______________________________________________ >> >> >> >> > The Uganda Linux User Group: http://linux.or.ug >> >> >> >> > >> >> >> >> > Send messages to this mailing list by addressing e-mails to: >> >> >> >> > [email protected] >> >> >> >> > Mailing list archives: >> >> http://www.mail-archive.com/[email protected]/ >> >> >> >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> >> > To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> > >> >> >> >> > The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> >> >> > http://www.infocom.co.ug/ >> >> >> >> > >> >> >> >> > The above comments and data are owned by whoever posted them >> >> >> >> (including >> >> >> >> > attachments if any). The mailing list host is not responsible >> >> for >> >> >> them >> >> >> >> in >> >> >> >> > any way. >> >> >> >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> >> >> The Uganda Linux User Group: http://linux.or.ug >> >> >> >> >> >> >> >> Send messages to this mailing list by addressing e-mails to: >> >> >> >> [email protected] >> >> >> >> Mailing list archives: >> >> http://www.mail-archive.com/[email protected]/ >> >> >> >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> >> To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> >> >> >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> >> >> http://www.infocom.co.ug/ >> >> >> >> >> >> >> >> The above comments and data are owned by whoever posted them >> >> >> (including >> >> >> >> attachments if any). The mailing list host is not responsible >> for >> >> >> them >> >> >> >> in >> >> >> >> any way. >> >> >> >> >> >> >> > _______________________________________________ >> >> >> > The Uganda Linux User Group: http://linux.or.ug >> >> >> > >> >> >> > Send messages to this mailing list by addressing e-mails to: >> >> >> > [email protected] >> >> >> > Mailing list archives: >> http://www.mail-archive.com/[email protected]/ >> >> >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> > To unsubscribe: http://kym.net/mailman/options/lug >> >> >> > >> >> >> > The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> >> > http://www.infocom.co.ug/ >> >> >> > >> >> >> > The above comments and data are owned by whoever posted them >> >> >> (including >> >> >> > attachments if any). The mailing list host is not responsible >> for >> >> them >> >> >> in >> >> >> > any way. >> >> >> >> >> >> >> >> >> _______________________________________________ >> >> >> The Uganda Linux User Group: http://linux.or.ug >> >> >> >> >> >> Send messages to this mailing list by addressing e-mails to: >> >> >> [email protected] >> >> >> Mailing list archives: >> http://www.mail-archive.com/[email protected]/ >> >> >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> >> To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> >> http://www.infocom.co.ug/ >> >> >> >> >> >> The above comments and data are owned by whoever posted them >> >> (including >> >> >> attachments if any). The mailing list host is not responsible for >> >> them >> >> >> in >> >> >> any way. >> >> >> >> >> > _______________________________________________ >> >> > The Uganda Linux User Group: http://linux.or.ug >> >> > >> >> > Send messages to this mailing list by addressing e-mails to: >> >> > [email protected] >> >> > Mailing list archives: http://www.mail-archive.com/[email protected]/ >> >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> > To unsubscribe: http://kym.net/mailman/options/lug >> >> > >> >> > The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> > http://www.infocom.co.ug/ >> >> > >> >> > The above comments and data are owned by whoever posted them >> >> (including >> >> > attachments if any). The mailing list host is not responsible for >> them >> >> in >> >> > any way. >> >> >> >> >> >> _______________________________________________ >> >> The Uganda Linux User Group: http://linux.or.ug >> >> >> >> Send messages to this mailing list by addressing e-mails to: >> >> [email protected] >> >> Mailing list archives: http://www.mail-archive.com/[email protected]/ >> >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> >> To unsubscribe: http://kym.net/mailman/options/lug >> >> >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> >> http://www.infocom.co.ug/ >> >> >> >> The above comments and data are owned by whoever posted them >> (including >> >> attachments if any). The mailing list host is not responsible for >> them >> >> in >> >> any way. >> >> >> > _______________________________________________ >> > The Uganda Linux User Group: http://linux.or.ug >> > >> > Send messages to this mailing list by addressing e-mails to: >> > [email protected] >> > Mailing list archives: http://www.mail-archive.com/[email protected]/ >> > Mailing list settings: http://kym.net/mailman/listinfo/lug >> > To unsubscribe: http://kym.net/mailman/options/lug >> > >> > The Uganda LUG mailing list is generously hosted by INFOCOM: >> > http://www.infocom.co.ug/ >> > >> > The above comments and data are owned by whoever posted them >> (including >> > attachments if any). The mailing list host is not responsible for them >> in >> > any way. >> >> >> _______________________________________________ >> The Uganda Linux User Group: http://linux.or.ug >> >> Send messages to this mailing list by addressing e-mails to: >> [email protected] >> Mailing list archives: http://www.mail-archive.com/[email protected]/ >> Mailing list settings: http://kym.net/mailman/listinfo/lug >> To unsubscribe: http://kym.net/mailman/options/lug >> >> The Uganda LUG mailing list is generously hosted by INFOCOM: >> http://www.infocom.co.ug/ >> >> The above comments and data are owned by whoever posted them (including >> attachments if any). The mailing list host is not responsible for them >> in >> any way. >> > _______________________________________________ > The Uganda Linux User Group: http://linux.or.ug > > Send messages to this mailing list by addressing e-mails to: > [email protected] > Mailing list archives: http://www.mail-archive.com/[email protected]/ > Mailing list settings: http://kym.net/mailman/listinfo/lug > To unsubscribe: http://kym.net/mailman/options/lug > > The Uganda LUG mailing list is generously hosted by INFOCOM: > http://www.infocom.co.ug/ > > The above comments and data are owned by whoever posted them (including > attachments if any). The mailing list host is not responsible for them in > any way. _______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
