Decipher and its application

506 Project Proposal
Thomas Campus
Dwayne Handon
Rachelle Bayan
Cory Minor
Table of contents
I. Abstract
II. Purpose, goals, and objectives
III. Review of relevant literature
IV. Project design and process
V. Management plan and organization
VI. Deliverables
I. Abstract
Our project will test the strengths of modern day wireless encryption techniques used in routers.
We will utilize mostly available software packages, as the scope of this class would not allow for nor
emphasizes on creating software to crack encryption techniques. We will gather data around the
downtown Richmond area to assess how strong a typical network is and, theoretically, how long it
would take to break a typical networks encryption.
II. Purpose, goals, and objectives
The purpose of our project is to determine how secure current day wireless encryption
techniques are in wireless transmissions. Coming out of the project, our goal is to have a general idea
as to how feasible it would be to break any typical encryption technique used on current day routers.
III. Review of relevant literature
There is a bunch of information about current cracking techniques and how encryption
techniques work. Currently there are two main encryption techniques out on the market. WPA and
WEP. WEP, or Wired Equivalent Privacy, is a deprecated algorithm used to secure IEEE 802.11
wireless networks. Several weaknesses have been identified in the WEP algorithm since its debut, and
it is supposedly crackable in minutes with current day techniques. The technical details of WEP are as
Standard 64-bit WEP uses a 40 bit key (also known as WEP-40), which is concatenated
with a 24-bit initialization vector (IV) to form the RC4 traffic key. At the time that the
original WEP standard was being drafted, U.S. Government export restrictions on
cryptographic technology limited the key size. Once the restrictions were lifted, all of
the major manufacturers eventually implemented an extended 128-bit WEP protocol
using a 104-bit key size (WEP-104).
A 128-bit WEP key is almost always entered by users as a string of 26 hexadecimal
(base 16) characters (0-9 and A-F). Each character represents four bits of the key. 26
digits of four bits each gives 104 bits; adding the 24-bit IV produces the final 128-bit
WEP key. A 256-bit WEP system is available from some vendors, and as with the 128bit key system, 24 bits of that is for the IV, leaving 232 actual bits for protection. These
232 bits are typically entered as 58 hexadecimal characters. (58 × 4 = 232 bits) + 24 IV
bits = 256-bit WEP key. (Wired Equivalent Privacy)
WPA, or Wi-Fi Protected Access, was introduced to replace WEP after it was determined to be
inadequate to provide secure wireless transmissions. WPA is compatible with wireless network
interface cards that pre-date the protocol, and implements a majority of the IEEE 802.11i standards.
The technical details are as follows:
Pre-shared key mode (PSK, also known as personal mode) is designed for home and
small office networks that don't require the complexity of an 802.1X authentication
server. Each user must enter a passphrase to access the network. The passphrase may be
from 8 to 63 printable ASCII characters or 64 hexadecimal digits (256 bits). If ASCII
characters are used, a hash function reduces the password to a 256 bit string, using also
the SSID. Under most operating systems the passphrase may be stored on the user's
computer at the user's discretion to avoid the inconvenience of entering it at every
connection establishment. The passphrase is also stored in the wireless access point.
Security is strengthened by employing a PBKDF2 key derivation function. However, the
weak passphrases users may typically employ are vulnerable to password cracking
attacks. To protect against a brute force attack, a truly random passphrase of 13
characters (selected from the set of 95 permitted characters) is probably sufficient.
Rainbow tables have been computed by the Church of WiFi for the top 1000 SSIDs[4]
for a million different WPA/WPA2 passphrases. To further protect against intrusion the
network's SSID should not match any entry in the top 1000 SSIDs. (Wi-Fi Protected
IV. Project design and process
In the attempt to evaluate which wireless network encryption is the most sufficient for secure
data transfer, there is a need for the proper tools and a process to be followed. Tools that are required in
the experiment include: a laptop with the BackTrack 2 Linux distribution installed, a compatible
wireless network card installed on the laptop as well as a stumbler program such as kismet that will be
used to find any hidden networks. Additionally, there will be a need for routers which are being used to
transfer information. This will allow for collection of packets which will be deciphered by BackTrack
2's aircrack suite. Within the aircrack suite there are tools that will be utilized to capture packets, locate
hidden networks, determine the encryption type of any network and many other tools that have useful
applications to this project.
The design of this project is to use routers that are secured with different styles of encryptions
that are currently widely used by businesses and home users alike. These for example include but are
not limited to, WEP, and WPA/WPA2 encryption protocols. Using the mentioned tools above, packet
capturing will begin. Depending on the encryption, the time to collect packets will vary. After the
necessary packet collection is completed, the utilization of the tools in the aircrack suite will begin.
Using the aircrack suite, the collected packets will then be deciphered, thus allowing for the keys of the
router’s security encryption to be discovered. With this, a passcode can be reverse engineered by
utilizing a tool within the aircrack suite once again. The strength of the encryption protocol is then
established by how difficult and how long the packet collection and packet deciphering is which will be
determined by how long a given computer will take to compute the necessary credentials to log onto
the network.
V. Management plan and organization
Since this will be a learning experience for the whole group, the work will not necessarily be
split up that much. All members of the group will participate in the core components of the project.
We will meet on multiple occasions and start out learning the software and reading up on the security
algorithms. Next we will apply our knowledge and the software to get actual results in the real world.
Afterwards, we will analyze our data and put together an interpretation of what we discovered. This
will be our final deliverable for the project.
VI. Deliverables
As previously stated, our deliverables will be the interpretation and interpolation of the data we
collect while carrying out our project. This will include, but is not limited to, expected amount of time
needed to break encryption of typical networks, sample composition of networks in the downtown
Richmond area, and the implications that current network algorithms have on wireless security.
“Wi-Fi Protected Access.” Wikipedia. 9 Oct. 2008
“Wired Eqiuvalent Privacy.” Wikipedia. 9 Oct. 2008