OK, 74 years on this planet and 1 brain aneurysm have taken their toll and I
can't do math in my head like I used to.  (Ask me how I know "person, man,
woman, camera, TV" isn't an IQ test).

 

But I still find this a fun math problem, and the math is actually pretty
basic.  I wonder how many kids today know there are 10^8 possible 8 digit
numbers, and that 10^8 is 100 million.  And how many would say math can be
fun.  I grew up during the Cold War and the Space Race.  Math and science
were actually cool.

 

Anyway, to get WiFi Alliance certification and put the WIFI Certified logo
on your router, it has to support WPS (WiFi Protected Setup), including both
the button press method and the PIN method.  The PIN method is a security
problem.  In theory, a brute force attack would have to guess an 8 digit
number, so 10^8 = 100 million tries (worst case).  That's gonna take a long
time.

 

Unfortunately, there is a flaw in the algorithm, as stated in this 14 year
old CERT advisory.  An attacker can tell when they have guessed the first 4
digits correctly, so 10^4 = 10,000 tries.  Then all that remains is to guess
the last 4, but the 8th digit is a parity check, so you only have to guess 3
more digits.  10^3=1,000 more tries, for a total of 11,000.

 

https://www.kb.cert.org/vuls/id/723755

 

-- 
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
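
The arithmetic from the message above, worked as an added Python example (not part of the original post or the CERT advisory). The check-digit routine follows the standard WPS PIN checksum; the per-try time and lockout settings passed to `hours_to_exhaust` are hypothetical values for comparing router lockout policies.

```python
# Added example: counts the guesses described in the message and shows how a
# lockout policy changes the time needed to run through them.

def wps_check_digit(first7: int) -> int:
    """Check digit over the first 7 PIN digits (weights 3,1,3,... from the right)."""
    accum, n = 0, first7
    while n:
        accum += 3 * (n % 10)
        n //= 10
        accum += n % 10
        n //= 10
    return (10 - accum % 10) % 10

def valid_second_halves(first_half: int) -> list[int]:
    """All 4-digit second halves whose last digit matches the check digit."""
    out = []
    for second in range(10_000):
        first7 = first_half * 1000 + second // 10
        if second % 10 == wps_check_digit(first7):
            out.append(second)
    return out

def worst_case_guesses(split: bool) -> int:
    """Worst-case tries: whole 8-digit PIN vs. halves confirmed separately."""
    if not split:
        return 10 ** 8  # the "in theory" figure used in the message
    # 10^4 for the first half, then only the second halves with a valid check digit
    return 10 ** 4 + len(valid_second_halves(0))

def hours_to_exhaust(guesses, secs_per_try, lock_after=None, lock_secs=0):
    """Wall-clock hours to run `guesses` tries under an optional lockout policy."""
    total = guesses * secs_per_try
    if lock_after:
        total += (guesses // lock_after) * lock_secs  # one pause per lockout
    return total / 3600

if __name__ == "__main__":
    print("whole PIN:", worst_case_guesses(False))
    print("split PIN:", worst_case_guesses(True))
    # Hypothetical timings: 2 s per try; lockout of 60 s after every 3 failures.
    print("no lockout (h):", round(hours_to_exhaust(11_000, 2), 1))
    print("with lockout (h):", round(hours_to_exhaust(11_000, 2, 3, 60), 1))
```

Even a short lockout multiplies the time for 11,000 tries roughly tenfold here, but the number of tries stays small, which is why disabling the PIN method is the usual remedy.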
