
My college has a WPA2 Enterprise network, which I can connect to on my Pi after configuring the network in wpa_supplicant.conf.

I don't want my Wi-Fi password stored in plain text, so I use `echo -n $password | iconv -t utf16le | openssl md4` to hash it, and then store the MD4 hash instead of the plain text password in the file.

I wrote a Bash script that adds the config and hashes the password, which a lot of students have used to connect their Pis to the network. It's always worked, except for someone who has a password longer than 14 characters. That's great for security, but it causes problems with the MD4 hash algorithm.

wpa_passphrase won't work because it generates a PSK for a WPA-PSK network. My school's network is WPA-EAP, which requires a separate username and password, and is why I've been using NTLM password hashing instead.

Is there a way to hash passwords in the wpa_supplicant.conf file that are longer than 14 characters? I've tried hashing only the first 14 characters of the password, or an empty string, but neither of those works.

tjohnson
  • Why are you using MD4? There's no reason whatsoever to use it nowadays. Even if you want a 128-bit digest and don't want to truncate something like SHA-2, at least use MD5... – guest Nov 25 '17 at 08:05
  • NTLM is unlikely to be used for EAP; it would be MS-CHAPv2, which still used MD4 – CGretski Nov 24 '17 at 23:46
  • You're correct, I was confusing the two. I'm calling `openssl md4` to hash the password so it is using MD4. But the 14 character limit still exists and I don't know how to work around it. – tjohnson Nov 25 '17 at 00:30
  • Not to mention, a hash algorithm does not care about the input length. MD4/MD5 produces the same output length regardless of whether it is given one byte or a gigabyte. – guest Nov 25 '17 at 08:18
  • Oh nvm I see, you are limited to MS-CHAPv2. Can you not use EAP-PSK, where you can set password to a hex value using wpa_passphrase? – guest Nov 25 '17 at 08:55
  • @guest I would try that, but I don't know what the server NAI would need to be. – tjohnson Nov 25 '17 at 15:51
  • Possible duplicate of [Cryptography Exchange: Encryption algorithm used in WPA/WPA2](https://crypto.stackexchange.com/questions/28975/encryption-algorithm-used-in-wpa-wpa2#28981) – RubberStamp Nov 25 '17 at 16:57
  • Do you have to convert to UTF16? Have you tried (leaving it in?) utf8? `echo -n $password | iconv -t utf8 | openssl md4` or `echo -n $password | openssl md4` – Herald Smit Nov 26 '17 at 15:04
  • @guest I tried EAP-PSK and couldn't get it to work. I don't think my school's network supports it. – tjohnson Nov 27 '17 at 16:34

1 Answer


There is no sense in hashing the password when using md4 as a hashing algorithm.

The threat you are trying to defeat with hashing the password is either:

  1. Someone getting physical access to the device and extracting the password from the file system.
  2. Someone getting remote access and privilege escalation to root to be able to read the password.

Now, both of these threats can be expected to have access to reasonably recent hardware that can brute force through md4 as if it was plain text.

To help against

  1. you could use full disk encryption to keep the password safe,
  2. you should be considering that someone with remote root access already has access to the network (either because the connection comes out of that network or because the device in their control is already connected to the network).

    As it is generally preferred for several reasons to pivot through an already compromised host rather than connecting the attacker machine to the network itself, there is not much gain for the attacker in compromising the WPA password from the configuration - and if there was, md4 would not - as addressed earlier - hinder an attacker sufficiently.

Tobi Nary
  • When I first wrote a Bash script to automatically add the network to `wpa_supplicant.conf`, it stored the password in plain text, and when I asked the IT department to approve it, they said it should be hashed. I can understand why, because situations happened like once I had to help a professor set it up on their machine, and ended up seeing their password in the process. The purpose of hashing isn't to keep the password extremely secure from hackers, as much as to keep it from being in plain sight if I edit `wpa_supplicant.conf` in nano. – tjohnson Nov 27 '17 at 13:43
  • You should either not be able to do that or be allowed to know the password. – Tobi Nary Nov 27 '17 at 13:44
  • Unfortunately I don't think it's that simple. I'm also a TA for a lab, where part of my job is to help students set up Wi-Fi on their Pis. Recently the Wi-Fi certificate changed, so I had to edit `wpa_supplicant.conf` on a lot of Pis. I would feel uncomfortable with seeing all their passwords, especially since their classmates could also potentially see them in plain text. – tjohnson Nov 27 '17 at 13:52
  • Unfortunately, there is not much you can do about this, especially if it’s not on machines you have control over. Even if you obfuscated your contribution, other networks would still have their configuration in plain text. Generally, you shouldn’t be modifying configuration files for others but supply a decent and detailed enough configuration how to. – Tobi Nary Nov 27 '17 at 15:39