Look into time-memory trade-off, and rainbow tables.
The time is dependent on various factors.
I'm currently in the process of auditing the wireless side of our network and I have moved from the wep to the wpa access points. We have a few wep ap's to accommodate older equipment.
Anyway. I'm learning as I go along here but I'm hoping someone can help me out with the wpa side of things.
What I really need to know is if it is possible to precompute tables, how many passwords per second can be realistically checked and if it is possible to do offline attacks.
I read about cowpatty but I'm slightly confused as I'm getting mixed reports on password attempts per second, 300 is what I've read and it seems very slow.
I'm working under the assumption that someone will scan our buildings for ssid's and then precompute the tables for each one. As our keys are hex and 10 characters long I need to estimate how long this would take to break.
Thanks in advance
I just wanted to add to my previous post.
I didn't explain myself properly. I know that it is possible to precompute the tables, I'm really asking more for advice on time taken to do this and time take to use this table to break a 10 character hex password.
The figures don't have to be exact but they will be going into a report.
Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69