- Mar 8, 2009
- Reaction score
Researcher uses Amazon cloud to crack Wi-Fi passwords
A security researcher from Germany named Thomas Roth has written a program that can crack the WPA encryption that protects many Wi-Fi networks in a few minutes. His software employs a "brute force" attack, where passwords are deciphered by successively varying combinations of numbers and digits, and since naturally that can take some serious computer resources he tapped on Amazon's EC2 cloud services to get the job done.
Initially it took him 20 minutes to crack the key for a network in his neighborhood, but after some modifications to his software he was able to bring the time down to only six minutes. Amazon rents its service to customers for 28 cents per minute so the total cost of the crack came to just $1.68.
Of course this is a violation of Amazon’s acceptable use policy, but Roth is hoping to show network administrators that WPA-PSK is not strong enough to keep out intruders and that they should be using stronger encryption algorithms – especially at a time when powerful and inexpensive cloud computing services are accessible to anyone. He plans to distribute his software publicly and give demonstrations on using it at the Black Hat conference in Washington D.C.