Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

WPA2-PSK safty despite PSK compromise

8 views
Skip to first unread message

Thorsten Tarrach

unread,
Jul 16, 2008, 10:57:01 AM7/16/08
to
Hi,

I'm wondering about WPA2 safety in the scenario of a compromised preshared
key (PSK).
I'm aware that the protocol is safe by today's knowledge if they key is kept
secure.
But what if I share the key with another person to enable that person to use
my AP. Will that break confidentiality of my communication with the AP?
The AES encryption key is derived from the PSK in some form of handshake. I
want to know now if someone else can obtain that key by capturing the
handshake and knowing the PSK?

Thanks, Thorsten

Carsten Krueger

unread,
Jul 16, 2008, 2:09:02 PM7/16/08
to
Am Wed, 16 Jul 2008 16:57:01 +0200 schrieb Thorsten Tarrach:

> Will that break confidentiality of my communication with the AP?

Yes, because he can do a man in the middle attack

greetings
Carsten
--
ID = 0x2BFBF5D8 FP = 53CA 1609 B00A D2DB A066 314C 6493 69AB 2BFB F5D8
http://www.realname-diskussion.info - Realnames sind keine Pflicht
http://www.spamgourmet.com/ + http://www.temporaryinbox.com/ - Antispam
cakruege (at) gmail (dot) com | http://www.geocities.com/mungfaq/

Thorsten Tarrach

unread,
Jul 17, 2008, 3:56:47 AM7/17/08
to
Hi Carsten,

I agree that a man in the middle attack (probably ARP poisoning) would be
feasible but to sustain it over long periods unnoticed would be difficult.
So what about the case of a silent listener?

Thanks, Thorsten

"Carsten Krueger" <cakr...@invalid.invalid> wrote in message
news:945u0oramtk8$.dlg@cakruege.my-fqdn.de...

Carsten Krueger

unread,
Jul 17, 2008, 1:04:55 PM7/17/08
to
Am Thu, 17 Jul 2008 09:56:47 +0200 schrieb Thorsten Tarrach:

> So what about the case of a silent listener?

can sniff, too

wpa-buddy or aircrack-ng (airdecap)

Dale Harris

unread,
Jul 18, 2008, 8:01:23 AM7/18/08
to

"Thorsten Tarrach" <tho_p...@gmx.de> wrote in message
news:487e0c3f$0$23894$8a7a...@news4.usenet4u.nl...

If the key is compromised than you cannot expect any security. Cryptology is
all about keys.


** Posted from http://www.teranews.com **

Carsten Krueger

unread,
Jul 18, 2008, 6:34:51 PM7/18/08
to
Am Fri, 18 Jul 2008 14:01:23 +0200 schrieb Dale Harris:

> If the key is compromised than you cannot expect any security. Cryptology is
> all about keys.

http://en.wikipedia.org/wiki/Perfect_forward_secrecy

but WPA2 didn't implement this

Thorsten Tarrach

unread,
Jul 23, 2008, 6:19:33 PM7/23/08
to
"Carsten Krueger" <cakr...@invalid.invalid> wrote in message
news:smxz9qy5...@cakruege.my-fqdn.de...

> Am Fri, 18 Jul 2008 14:01:23 +0200 schrieb Dale Harris:
>
>> If the key is compromised than you cannot expect any security. Cryptology
>> is
>> all about keys.
>
> http://en.wikipedia.org/wiki/Perfect_forward_secrecy
>
> but WPA2 didn't implement this

That's what I would have expected. With Diffie-Hellman key exchange the AP
and station could derive a key without a passive adversary gaining access to
it.

0 new messages