WiFi encryption cracked by Russians using Nvidia graphics cards

Davey Winder
Saturday, 11 October 2008 15:18

Your IT - Home IT

Apparently ElcomSoft Distributed Password Recovery only needs a few packets to be intercepted in order to perform this kind of accelerated attack.

Consider that a Nvidia GeForce GTX280 can process hundreds of billions fixed-point calculations per second. Then add 1GB of onboard video memory and 240 processing units. Throw in a second card, and you can enter the world of super-parallel computing on a budget.

ElcomSoft claims that it currently supports all GeForce 8 and GeForce 9 boards, using the patent-pending acceleration technology to offload part of the computational-heavy processing onto the fast and highly scalable processors featured in the Nvidia graphic accelerators.

This allows for "the execution of mathematically intensive password recovery code on the massively parallel computational elements found in latest Nvidia graphic accelerators" it insists.

David Hobson, Managing Director of IT security consultancy Global Secure Systems, admits that
"brute force decryption of the WPA and WPA2 systems using parallel processing has been on the theoretical possibilities horizon for some time."

No doubt it has been employed by certain government agencies along the way. However, now Hobson warns that "the use of the latest Nvidia cards to speedup decryption on a standard PC is extremely worrying."

Indeed, Hobson goes as far as to state that WiFi security is no longer secure as a result. "This breakthrough in brute force decryption of WiFi signals by ElcomSoft confirms our observations that firms can no longer rely on standards-based security to protect their data. As a result, we now advise clients using WiFi in their offices to move on up to a VPN encryption system as well."

Of course, it is not just WiFi security that is at risk from this development as ElcomSoft adds that it can retrieve "a variety of system passwords" including NTLM and Windows startup passwords, crack MD5 hashes, unlock password-protected documents created by Microsoft Office 97-2007 and PDF files created by Adobe Acrobat.