In the nicest way possible, this is probably just an ad piece for his service (http://www.wpacracker.com/). It has been possible to brute force WPA-PSK for ages, you just needed a lot of computing power. It appears he did this with a dictionary attack, not bruteforce (see: http://www.h-online.com/security/news/item/Cracking-WPA-keys...) and, so, it is no wonder it was fast - but that is limited.
EC2 is an option, sure, but it's going to get expensive for commercial purposes. (I have issues with their costings... if it took 20 minutes, even using just one instance that would be.. $5.60, and other sources state he used many more than one :D EDIT: ah, sorry, he did use one instance and they are talking about his "6 minute" promise. Still, nothing you couldn't do on a decently fast "local" machine for cheaper)
We ran some trials with EC2 and the cost starts to mount for anything complex. A few racks of meaty servers is, if you have a volume of work, a cheaper investment.
Ultimately it looks like he is dealing with dictionary work - which is fine (and does work well). But it will quickly fail with anyone competent (I'm going to hazard a rough guess of about 25% of the time based on my experience), which is where work with pre-computed tables and bruteforcing comes into play.
I'm not sure there is much substance to this story, sadly.
>Still, nothing you couldn't do on a decently fast "local" machine for cheaper
The fun thing is that you can now do it in the field. You could potentially grab the hashes with a netbook, then crouch in your hiding place behind the bins at Enemy HQ for six minutes while EC2 does the cracking, then go straight into the network, without having to risk sneaking out and back in again. Past the guards.
Dunno what espionage-based fantasy world I'm in today. I don't even play video games! However, people really do this stuff. And now we can all have a go! Hooray! The kind of people who do these things don't generally have to worry about expenses though...
wpacracker.com is run by Moxie Marlinspike, not this Thomas Roth (and no, Thomas Roth is not his real name). Furthermore, I can't find any link between this news article (or the others) and Moxie's wpacracker.com, and I can't figure out why he would only be presenting wpacracker at Black Hat now.