Russian tech company ElcomSoft Co. Ltd has been going since 1990, serving up state-of-the-art tools for the computer forensics market, plus they provide computer forensics training and computer evidence consulting services. About 10 years ago they started to supply an impressive client base of law enforcement agencies, the military, and even intelligence agencies. In fact, most Fortune 500 corporations and foreign governments use their products, as do all major accounting firms.
So why are they of interest to us? Put simply, ElcomSoft’s new product – catchily named Elcomsoft Distributed Password Recovery – allows any machine (yes, regardless of whether you’re using a server, desktop or laptop) with a supported NVIDIA card to break Wi-Fi encryption. And this so-called GPU acceleration technology does it up to 100 times faster than you can do it using a CPU alone!
Now, tools like these are typically fast and inexpensive, but ElcomSoft’s solution moves at unbelievable speed when you access more than one CPU. 2 machines takes half the time, a network of 6 machines 1/6 of the time… you get the idea. So even though that’s pretty good in itself, using the Graphic Processing Units or GPU as well takes even a single machine into the league of VERY fast. ElcomSoft reports Distributed Password recovery can try 5000 passwords pre second with just one GeForce GTX260 on Office 2007 documents. This compares with a sluggish 200 per second or a regular CPU (Core2Duo). They report speed increases of 10-15 times on a “moderate laptop” – i.e. one with NVIDIA GeForce 8800M or 9800M series GPU, or up to a mammoth 100 times when running on a desktop with two or more NVIDIA GTX 280 boards.
Elcomsoft Distributed Password Recovery is patent pending (of course) and they say that because it supports both old-style WPA and the newer WPA2 encryption that most Wi-Fi networks rely on, Wi-Fi protection can be broken fairly fast and easy with “most” machines. It’ll recover a wide variety of system passwords (including NTLM and startup passwords) and can crack MD5 hashes, as well as unlocking password-protected documents in MS Office 97-2007 and Adobe Acrobat, as well as PGP and UNIX and Oracle user passwords.
They claim it offers “the fastest password recovery by a huge margin” – and we think they’re right. But at a high-end price it may not be affordable for non-corporate users.
If you want to find out all the latest news on tech why not subscribe to our RSS feed?
Inside GeekWithLaptop.com
 |  |  |  |
Contrary to the hyped up news reports – this “new” attack ONLY applies to wpa-psk and wpa2-psk, both of which used non-dynamic seed values (a passphrase) to derive the PMK.
Wpa-psk and wpa2-psk were long considered vulnerable due to the static passphrase nature of the implementation (the static passphrase is used to generate the pairwise master key which in turn spawns the rotating temporal keys used for actual encryption) – existing tools like cowpatty and aircrack-ng 1.0 prove that.
Full (aka Enterprise) WPA/WPA2, which use a radius server to generate the master key in a fully dynamic and random manner, are not vulnerable to this “acceleration” attack. The only current way to attack a full WPA/WPA2 setup is to attack using a MITM approach, but that only works if there is no mutual authentication using certificates enabled between client and server. All current attacks will fail if full WPA/WPA2 is deployed with mutual authentication using certificates between client and server.
Conveniently omitting the “PSK” portion in the various news articles is dubious at best. I challenge anyone to prove that this software can defeat a full WPA/WPA2 setup and not just WPA-PSK/WPA2-PSK.
I believe he was talking about an increased processing power with the NVIDIA hardware that can crack passwords faster with the so called GPU. The focus was not on wireless security. So thats why he didn’t metion the PSK exception. BLaBlaBla