Wi-Fi Protected Access 2 (WPA2) is one of the most widespread security standards for wireless networks.
It has been replaced by more recent WPA3, but as of 2021 WPA2 is still more spread.
This post explains briefly what is WPA2, its vulnerabilities, how to strengthen a WPA2 network and how to crack it.
What is WPA2?
IEEE 802.11i-2004 or Wi-Fi Protected Access 2 (WPA2) is an amendment of the original definition of the IEEE 802.11 or WPA, a standard that specifies security protocols to create a WLAN. WPA2 appeared in 2004 as a replacement for the insecure WEP and WPA.
WPA2 implements CCMP as an encryption protocol (that makes use of AES encryption algorithm), replacing unsafe TKIP (that makes use of RC4 encryption algorithm) of the previous versions.
WPA2 supports two RSNA integrity and confidentiality encryption protocols:
- TKIP (Temporal Key Integrity Protocol)
- CCMP (Counter Mode Cipher Block Chaining Message Authentication Code Protocol)
TKIP was designed as a temporary measure to support WPA features without requiring replacement of legacy wireless hardware. It is based on encryption algorithm Rivest Cipher 4 (RC4), that is considered unsafe.
TKIP encryption protocol was deprecated in 2012 and it is considered unsafe, and so are encryption modes WPA and WPA2-TKIP.
CCMP is based on encryption algorithm Advanced Encryption Standard (AES).
From a security point of view, wireless security modes WPA2-CCMP or WPA3 should be used instead.
Authentication options supported by WPA2:
- Preshared key (PSK) or personal (PER)
- IEEE 802.1X or enterprise (ENT)
PSK is the use of a static fixed password or authentication.
ENT enables the leveraging of and existing AAA (Authentication, Authorization and Accounting) service to be used for authentication. Some examples of AAA services are RADIUS (Remote Authentication Dial-In User Service) or TACACS+.
Most domestic networks (for example, those having a password printed on a label on the router) use PSK authentication option.
Is WPA2 safe?
As of the time this post has been written, no known attacks have been successful against AES/CCMP encryption. From an encryption point of view and when CCMP encryption protocol is used, WPA2 can be considered safe enough.
However, if the implementation of WPA2 uses TKIP, then it is not considered safe.
In addition, there are known exploitations of the WPA2 key exchange (or handshake) processes:
- Key Reinstallation AttaCK (KRACK)
It means that WPA2 is vulnerable while performing the key exchange processes.
Some of these vulnerabilities are not present in WPA2′s successor WPA3.
If WPA3 is safer than WPA2, why it is not massively replaced?
It is not simple to migrate a whole network and the existing components to WPA2.
You can read more about this on this link.
How do I ensure my WPA2 network is secured?
Please ensure all points in this checklist are done:
- Ensure CCMP encryption protocol is used instead TKIP
- When using PSK authentication, default Wi-Fi password must be changed
- Change router settings default password
- Change default SSID
- Consider migrating to WPA3, when possible
Remember that WPA3 is still vulnerable to Dragonblood attack.
How can I crack WPA2 password?
Remember that cracking a WPA2 may be against the law in most countries. Use these pieces of advice only for educational or research purposes or provide pen-testing services.
This section assumes there is a fixed password for the whole network, it means, that network uses PKA authentication protocol.
1. Find wireless connections around you
First, you need to configure your system to be able to monitor networks around you.
Then, scan available access points (AP):
sudo airodump-ng wlanXmon
The results of networks available will be displayed in a screen like this:
2. Check the security algorithm used in a network
Check the value under the “ENC” (Encryption) column of airodump-ng screen to identify the encryption standard or algorithm. It can be either “WEP”, “WPA”, “WPA2″ or “WPA3″.
If encryption is WEP, it is the easiest to crack, but this connection algorithm is not that common nowadays for obvious reasons. If this is the case, check this post.
If it is WPA, you can use tools like coWPAtty.
If it is WPA2, keep reading.
3. Check the authentication option used in a network
Check the value under the “AUTH” (Authentication). For WPA2 networks, it can be “PSK” or “ENT”.
If it is “PSK”, keep reading.
If it is “ENT” (not the most common option, though) this is not covered by this post.
4. Check the encryption protocol used in a network
Check the value under the “CIPHER” column of airodump-ng screen to identify the encryption protocol. In case of WPA2, it can be either TKIP or CCMP.
TKIP is unsafer than CCMP, and then, much more common that
If encryption protocol is CCMP, skip to step 6.
5. Crack the WPA2-TKIP password using aircrack-ng
TKIP encryption algorithm is now considered weak, and it should be not used.
You can use aircrack-ng command to crack a WPA2-TKIP password, as explained in EC-Council’s CEH coursework:
aircrack-ng -a2 -b 20:E5:2A:E4:38:00 -w /root/Desktop/Wordlists/Passwords.txt '/root/Desktop/Sample Captures/WPA2crack-01.cap'
-a2: specifies WPA2
-b: add the BSSID for the connection
-w: add the path to password dictionary in plaintext
<no parameter>: .cap file that stored data collected with airodump-ng
6. Crack the WPA2 password during handshake process
Known exploitations of the WPA2 key exchange or processes:
- Key Reinstallation Attack KRACK
If devices in a WPA2 networks have not been updated since 2017, they may be vulnerable to KRACK exploitation.
This post does not going deeper into analyzing these exploitations. You can read more about them on this post.
Regarding how to crack WPA/WPA2 password during handshake process, check this post.
You might be also interested in…
- “CEH v10 Coursework: Understanding Wireless Hacking Methodology”; EC-Council
- “CISSP Official Study Guide: Ninth Edition“, Chapter 11 “Secure Network Architecture and Componentes”, p. 532; Mike Chapple, James Michel Steward, Darril Gibson; Sybex/Wiley; 2021
- “Crack WPA/WPA2 Wi-Fi Routers with Aircrack-ng and Hashcat“; Brannon Dorsey
- “IEEE 802.11i-2004“; Wikipedia