1

I have been reading some articles on WPA/PSK encryption and one said that the hash is calculated like this:

Key = PBKDF2(passphrase, ssid, 4096, 256)

Where PBKDF2 is a standardized method to derive a key from a passphrase.

As you see here the key depends on the SSID, so if you have the same password with different SSID the key wouldn't be the same.

So it is not possible to generate (and save) like a rainbow table to WPA/PSK hash like hash:plain-text because the hash would need the SSID and the SSID is different from router to router?

Matthias Braun
  • 421
  • 3
  • 12
Ouerghi Yassine
  • 113
  • 4

1 Answers1

1

Yes, that's the point. Technically, the parameter which is non-secret but alters the hashing process is called a salt. The salt is as powerful as it is unique; the more unique it is, the more it prevents attackers from doing parallel attacks (precomputed tables such as rainbow tables are a kind of parallel attack, if seen in the proper space-time referential). In WPA/WPA2, the SSID is used as salt on the basis that different WiFi routers will use different SSID.

This is not 100% effective: since each user can choose his SSID, without a global SSID allocation system, some SSID values are widely more popular than others (the default values chosen by manufacturers also lead to high SSID reuse). This site, for instance, reports that as many as 2.357% of all WiFi routers use "linksys" as SSID. This prompted some people to actually compute rainbow tables for these most common SSID and passwords (e.g. there).

Tom Leek
  • 168,808
  • 28
  • 337
  • 475
  • Thank you for your answer .. and thank you for clearing the idea of a salt for me, i always saw that but didn't really get it. And well our ISP here puts random name in the SSID, IspName_4RandomAlphanumericCaracters. – Ouerghi Yassine Jan 31 '14 at 13:49