WPS Flaw

WPS, or WiFi Protected Setup, is a vendor-neutral scheme to make it easier for computer neophytes to securely configured a home wireless access point. Unfortunately, the PIN-based scheme it uses for authentication is easily bruteforced.

From the article:

“When the PIN authentication fails the access point will send an EAP-NACK message back to the client. The EAP-NACK messages are sent in a way that an attacker is able to determine if the first half of the PIN is correct. Also, the last digit of the PIN is known because it is a checksum for the PIN. This design greatly reduces the number of attempts needed to brute force the PIN. The number of attempts goes from 108 to 104 + 103 which is 11,000 attempts in total.”

This entry was posted on Tuesday, January 3rd, 2012 at 9:59 am and is filed under Exploits. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA

*