We reported last week about Elcomsoft use of Nvidia's Graphic Processing Units (or GPU) to crack open WPA and WPA2 encryption schemes which have been recommended over the weaker and more vulnerable WEP. Now more details have emerged as to how it works.
Elcomsoft is based in Russia and is specialised in password recovery, which means that the applications the site sells, Microsoft Office Files, Adobe Acrobat, ICQ, Email Accounts, MS SQL Server (see the whole list here (opens in new tab)), should in theory also gain from the brand new Elcomsoft Distributed Password Recovery.
The company is a Microsoft Gold Certified Partner, Intel Software Partner, NVIDIA Developer which means that the applications it has developed have been met with a green light as far as the three aforementioned companies are concerned.
Elcomsoft says that two GTX280 boards could possibly speed up the cracking process by up to 100x (and not 10,000 as reported by some), which could further be improved using either more graphics cards or more powerful GPUs.
There are chances that criminals will employ this tool to crack open supposedly secured wireless encryption which could possibly give rise to "cheap" password cracking powerhouses using distributed computing.
So what can you do? Speaking to Computerweekly (opens in new tab), Ken Munro of NCC Group, said that users should use the maximum number of characters in order to make the keys more difficult to crack.
Alternatively, companies should try to deploy a stronger version of the WPA encryption, known as AES (Advanced Encryptipon Standard) WPA.
ZDNet adopts a more sombre (opens in new tab) approach to the whole debate with Christian Harris saying that some companies will push for hard wire in lieu of no wires. Maybe, they should try the Powerline solution which combines the two approaches (kind of).