Just wondering if anyone has had a chance to use air snort and try and crack encrypted packets and a WLAN with TTLS.

We are currently using WPA with EAP-TTLS and encrypting using TKIP and CCMP. Is this crackable?

My stats after creating a bit of data

packets 141000 Encrypted 138000 Interesting 233 Unique 57200

Is this avg? Should air snort be able to crack the key by now?

Thank you for your help.

What is the use of cracking it, if the key changes after some time?

Usually with WEP you needed bout 100.000 IV packets for a 40bit key
with bout 1.000.000 IV for 104bit

With WPA PSK you crack that by listing in and trying to catch the 4way handshake,
with this data you then try a dictionary attack to brute-force your way in (so don't use the SSID as PSK)

WPA - EAP (in all its glory and variaties LEAP, -TLS -TTLS, PEAP)
have all their own weakness

EAP - Man-in-the-Middle (MitM from now), Dictionary and Hijacking the connection (and it doesn't use dynamic keys)

LEAP - Dictionary

EAP-TLS - ... no I am not missing something - to my knowledge none are knows so far

EAP-TTLS - MitM

PEAP - MitM


So after this short excursion into EAP I hope you can answer your question for yourself ...

A friend working in that area once said, with WEP and ACL you can keep bout 95% out, with WPA-PSK bout 98% - other WPA methods will raise it to about 99.9%
But it is the last 0.1% you fear

Thanks for an excellent answer.

Looks like I know where to start for seeing how secure our ttls is.