With the technological advances that have recently been made in the market of computer graphics, current graphics processing units can now be used for something other than powering computer systems designed for gaming applications. It appears that, thanks to a relatively new piece of software, GPUs can be used to crack wireless access points that are secured with WPA or WPA2 passwords. According to the latest info, general purpose computing enabled by GPUs caused some major security issues lately, as they have been used to brute force passwords in record time.
The application in question is developed by Elcomsoft, which is also famous for its “Advanced eBook Processor” software. The company claims that its app is capable of tapping the unexploited power of the GPU to crack a WPA/WPA2-PSK-enabled password.
According to Elcomsoft, a Radeon HD 4870 graphics card can be used to try almost 16,000 passwords per second, using an “advanced dictionary attack,” which basically transforms entries from a master wordlist. A higher-performance solution, such as NVIDIA's Tesla S1070 GP-GPU, can raise the number of passwords per second to an impressive 52,000. In comparison, a 65nm-based Intel Core 2 Quad Q6600 processor is only capable of trying 1,100 p/sec.
Elcomsoft's application is known as the “Elcomsoft Wireless Security Auditor,” which the company claims to be designed for network administrators and IT specialists, trying to find problems with the internal security of the network they are managing.
The application itself isn't new on the market, but it is claimed to be one of the most efficient solutions available. In order to work, the Wireless Security Auditor requires a tcpdump-formatted communications dump with at least one handshake packet. According to the company, all the processing is done off-line and is completely transparent to the targeted network.
Price-wise, the Wireless Security Auditor is worth $1199; however, until March 1, 2009, the application can be purchased for “just” $599.99.