Chapter 6. Bad Encryption > Advanced WPA and WPA2 Cracking - Pg. 100

Applying the attack, the team built the next logical thing, a tag simulator, using their software implementation of the tag to emulate a legitimate tag in the field and use it to make a purchase. The necessary equipment took up most of the back seat of the test vehicle, but they succeeded in obtaining a real tag's secret key and then emulating it to commit a "fraudulent" purchase (the tag was owned by a researcher, so it wasn't fraud, but an attacker would not be so discerning). Reducing the equipment to a smaller, more portable size that would allow for sneak attacks is just a matter of engineering.

The resulting fallout from this research was not mass fraud or a breakdown of the entire payment system. The team responsibly kept back details of the algorithm and did not make their implementations public. This made it harder for any attacker to copy their work but still allowed them to prove that the research was correct. In addition, Exxon-Mobil was already beginning plans to phase out the older tags in favor of newer, more secure tags. The conclusion best drawn is that the air interface of the Speedpass gives an attacker access to the communications. The security of those communications depends entirely on the strength of the algorithm protecting them, and what was considered secure one day may not be secure the next.

Advanced WPA and WPA2 Cracking

Chapter 1, 802.11 Wireless Infrastructure Attacks, focused on Wi-Fi infrastructure attacks and included weaknesses in Wi-Fi Protected Access (WPA) and WPA2. It is worth exploring the future of these attack vectors and the security that WPA Pre-Shared Key (WPA-PSK) and WPA2-PSK provide. Current attacks on WPA and WPA2 in PSK mode depend on the guessability (or complete absence) of the passphrase used.

While an exhaustive search is still out of the realm of possibility, if an attacker can guess your passphrase or you use a very common one, there is a good chance that you may be compromised. All of this depends on the ability to choose a passphrase that is longer and more random than an attacker's ability to muster enough computing power to test that passphrase in a reasonable amount of time. The idea was that a sufficiently long and random passphrase was enough to thwart most attackers, and that the SSID being used as a salt made those attacks even more difficult. In late 2009, Moxie Marlinspike launched wpacracker.com, and the wireless world took notice of the availability of cheap processing power and its potential in password cracking. The service uses Amazon's EC2 cloud computing service to allocate processing power cheaply compared with building it yourself. For $35, the service will test a capture (in the same way coWPAtty does) for a single SSID against a 135 million word dictionary and return results in about 20 min (with no guarantee of success). There are also options for a dictionary in German, as well as an extended English dictionary. The final one-off option is all the dictionaries combined, for a total of 520 million words against the target network.
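The passphrase-to-key derivation behind the salt and work-factor argument above, as an added example that is not from the book: it implements the 802.11i PBKDF2 step that an access point and client both perform (the SSID is the salt, 4096 iterations), checks it against the published 802.11i test vector for passphrase "password" and SSID "IEEE", and uses the page's own figures (135 million words in about 20 min) to estimate how long an exhaustive search of a random passphrase would take at that rate. The throughput figures and passphrase shapes in the main block are assumptions for illustration.

```python
import hashlib
import math

WPA_PBKDF2_ITERATIONS = 4096   # fixed by IEEE 802.11i
WPA_PMK_LEN = 32               # 256-bit pairwise master key


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2-PSK pairwise master key exactly as an AP or client does.

    802.11i uses PBKDF2-HMAC-SHA1 with the SSID as the salt, which is why a
    precomputed dictionary of keys is only valid for a single SSID.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"),
                               WPA_PBKDF2_ITERATIONS, WPA_PMK_LEN)


def guesses_per_second(words: int, seconds: float) -> float:
    """Throughput implied by a dictionary run (e.g. 135 M words in 20 min)."""
    return words / seconds


def exhaustive_search_seconds(alphabet: int, length: int, rate: float) -> float:
    """Worst-case time to try every passphrase of `length` symbols drawn from
    an alphabet of `alphabet` symbols at `rate` PBKDF2 evaluations per second."""
    return (alphabet ** length) / rate


def passphrase_entropy_bits(alphabet: int, length: int) -> float:
    """Entropy of a uniformly random passphrase (not of a human-chosen word)."""
    return length * math.log2(alphabet)


if __name__ == "__main__":
    # Published 802.11i test vector: passphrase "password", SSID "IEEE".
    print(wpa_psk("password", "IEEE").hex())
    # Rate implied by the page's numbers: 135 million words in about 20 minutes.
    rate = guesses_per_second(135_000_000, 20 * 60)
    # Assumed passphrase shapes, chosen only to contrast short and long random keys.
    for alphabet, length, label in [(26, 8, "8 lowercase letters"),
                                    (62, 12, "12 mixed-case alphanumerics")]:
        years = exhaustive_search_seconds(alphabet, length, rate) / (365 * 86400)
        print(f"{label}: {passphrase_entropy_bits(alphabet, length):.0f} bits, "
              f"exhaustive search ~{years:,.1f} years at {rate:,.0f} guesses/s")
```

At the rate the page implies, an 8-letter lowercase passphrase falls to an exhaustive search in weeks, while a 12-character mixed-case alphanumeric one takes on the order of a billion years, which is the gap the "long and random" advice relies on.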