What Is Wi-Fi Protected Access?
WPS (Wi-Fi Protected Setup) is an authentication project implemented by the WiFi Alliance organization. Its main purpose is to simplify the security encryption configuration of wireless networks. WPS technology is used to assist users to automatically set the network name (SSID) and configure the highest level WPA2 security key.
- WPS (Wi-Fi Protected Setup) is an English abbreviation for Wi-Fi Protected Setup. WPS is made up of
- Due to different brands and models of wireless routers, the following steps will be slightly different.
- 1. Use the configuration program to select "Connect to a wireless network with WPS".
- 2. Some wireless devices need to hold down the WPS button on the router, or log in to the router page with another computer, and select the computer to connect to on the relevant page.
- 3. in
- 1.WPS vulnerability analysis
- In WPS encryption, the PIN is the only requirement to obtain access between network devices. No other identification method is required, which makes brute force cracking feasible.
- The 8th digit of the WPSPIN code is a checksum, so hackers only need to calculate the first 7 digits. In this way, the number of unique PIN codes has been reduced by one level to become the seventh power of 10, which means that there are 10 million variations.
- When implementing PIN identification, the access point (wireless router) is actually trying to find out whether the first half (the first 4 digits) and the second half (the last 3 digits) of the PIN are correct. When the PIN authentication connection fails for the first time, the router will send an EAP-NACK message to the client, and through this response, the attacker will be able to determine whether the first half or the second half of the PIN is correct. In other words, the hacker only needs to find a 4-digit PIN and a 3-digit PIN from the 7-digit PIN. In this way, the level is reduced again, from 10 million changes to 11000 (the fourth power of 10 + the third power of 10).
- Therefore, in actual cracking attempts, hackers only need to test up to 11,000 times, and on average they only need to test about 5,500 times to crack. This also confirmed the feasibility of cracking the PIN code within 2 hours.
- 2.WPS Vulnerability Solution
- There is currently no good WPS vulnerability solution. Most wireless routers do not have the ability to limit the number of password errors, which makes them all exposed to hacking attacks.
- In fact, users can still avoid being attacked by disabling WPS in a timely manner, but most people may turn it off without realizing its seriousness.
- Therefore, it is recommended to disable the WPS function, and use a more secure encryption method such as WPA2 for wireless password setting, disable universal plug and play function, and enable MAC address filtering. [3]