Description of Aircrack-ng algorithm - the WPA2-PSK cracker

Question

Can anyone explain the algorithm behind Aircrack-ng (a WPA2-PSK cracker)?

I know how to use it, but a detailed explanation (which I could not find in their documentation) about how it actually works would help me a lot.

Answer 1

Determining the WPA/WPA2 passphrase is totally dependent on finding a dictionary entry which matches the passphrase. So a quality dictionary is very important. You can search the Internet for dictionaries to be used. There are many available.

For a more detailed overview of WPA2 PSK weaknesses, please refer to http://www.hsc.fr/ressources/articles/hakin9_wifi/hakin9_wifi_EN.pdf page 13

and after that read the source code of aircrack-ng, if you are not familiar with the C programming language then I highly recommend you learn as then with any open source program you can simply read the source code for the most in depth description of how it works. Also if possible learn assembly/machine code as you will get a real in depth appreciation for what is really happening when you run a program. Al-Salam