Hacker Shows How Cloud Could Wash Out Wireless Security

    Date12 Jan 2011
    Posted ByAnthony Pell
    A hacker claims he's used Amazon's cloud services to bust open SHA-1, a wireless network security standard, and he says he'll be demonstrating his process at an upcoming Black Hat get-together. Malicious hackers could quickly set up brute-force attack systems using the cloud, but critics say real-world password cracks might not come so easily. German hacker Thomas Roth's announcement that he used Amazon.com's (Nasdaq: AMZN) cloud service to crack a wireless network security standard has left some security researchers scratching their heads. Others are merely shaking them in disbelief.

    That attack was launched against the SHA-1 hash algorithm.

    Roth's conclusions are that the SHA-1 algorithm is not fit for password hashing, and the compute power offered by cloud services makes it cheap and easy to launch brute-force attacks on passwords.

    However, it's been known since 2005 that the SHA-1 algorithm has flaws, and the National Institute of Standards and Technology is seeking to replace it.

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.