Thomas Roth, described in Der Spiegel magazine as an IT security expert, will report on his experiment at next week’s Black Hat DC 2011 hacker conference in Washington.
The holder of a W-LAN password can not only spy on the network’s user, but also use the account to secretly start attacks on other servers, or initiate illegal downloads.
The cloud computing systems run not only by Amazon but also Google and Microsoft effectively rent out computing power. For companies which occasionally need such capacity, the idea is attractive as it saves them from having to invest in powerful computing systems of their own.
The amount of computer power in ‘the cloud’ has grown to enormous proportions – and prices have thus fallen, to between $1 and $2 an hour for the use of a very fast computer.
Roth said he easily used this power to show how a W-LAN password could be cracked.
There is already a service called WPACracker which uses 400 computers in the Amazon cloud at the same time to elicit passwords. Roth said he did not even need to use this – rather, he rented the power of a cluster GPU Instance – a group of four extremely fast computer processors.
This took just 20 minutes to crack the WPA password of his neighbour, who had agreed to the experiment. An improvement in the software could reduce this time to around six minutes, he said – which would cost less than $2.
The software tried 70 million words from a dictionary one after another, in a ‘brute force’ attack to find the password.
The WPA password security system is one of the newest, although it has been superseded by the WPA2 system in the newest WLAN systems.
However, the longer the password, the safer it is – and WPA allows up to 63 letters and numbers to be used. The best idea is to use at least 20 figures, without any recognisable words, but using capital as well as small letters as well as numbers and other signs.
Roth said he will publish his software on the internet – not to enable criminals to use it, but to sensitise people to the security issues.
“People tell me it is not possible to crack WPA,” he told Reuters newswire. “And if it were possible, they say it would cost a fortune.” But he said it is actually relatively easy.
Amazon said researchers would often use its system in order to show how security systems can be improved. But the firm said it would be an infringement of its conditions of use to compromise the security of a network.