Home

Services

Markets

Knowledge

Research

Cases

Blog

Company

Contact

Services
Systems & vulnerability research
Capability development
Defensive design
Knowledge
Research
Cases
Blog

sales[  ]midnightblue[  ]nl

PGP (0x9035856DF1D41F73)

Work with us
October, 2014
10 Minutes
Research

Overview

Scrutinizing password generating algorithms in wireless routers

Introduction

A wireless router is a networking device that enables a user to set up a wireless connection to the Internet. A router can offer a secure channel by cryptographic means which provides authenticity and confidentiality. Nowadays, almost all routers use a secure channel by default that is based onWi-Fi Protected Access II (WPA2). This is a security protocol which is believed not to be susceptible to practical key recovery attacks. However, the passwords should have sufficient entropy to avert brute force attacks.

In our research, we compose a strategy on how to reverse-engineer embedded routers. Furthermore, we describe a procedure that can instantly gather a complete wireless authentication trace which enables an offline password recovery attack. Finally, we present a number of use cases where we identify extremely weak password generating algorithms in various routers which are massively deployed in The Netherlands.

Publications

Date

Type

Title

Venue

August 2015

Academic paper

Scrutinizing WPA2 Password Generating Algorithms in Wireless Routers

WOOT 2015

WOOT Paper

Related knowledge items

All items

Sep 2024
Cases

Case studies coming Soon

We are currently in the process of writing several case studies regarding experiences and engagements througout our clientele. Check back soon.

Read more

0
Aug 2023
Research

RE:TETRA CVEs

During our TETRA:BURST research, we found numerous vulnerabilities in TETRA equipment and underlying technologies. This page is an overview of the findings.

Read more

10 Minutes