Our previous work on WPA-PSK lookup tables incorporated ~172,000 word dictionary. While impressive, it didn't cover a very large part of the key space. The password selection was a bit on the crude side (whatever we could find to make up 172,000 words!). After the initial success we found with this set of tables, we decided to figure out a more optimal set of tables.
This set, comprising the same 1000 SSID list incorporates a password list compiled from contributions from RenderMan, Mark Burnett and Kevin Mitnick.
The resulting list is ~1,000,000 words for a total of approximatly 40GB of hash tables for the top 1000 SSID's.
H1kari of OpenCiphers.org collaborated his work on FPGA arrays to offer up some extreme computing power to crunch these numbers. His super awesome contribution of time on 15 FPGA arrays allowed us to compute these tables in a record 3 days. He made some small changes to coWPAtty for FPGA support and are available at openciphers.org in the downloads area.
This password list is alot more refined than the previous iteration. Kevin Mitnick and Mark Burnett contributed a password list of actual passwords, harvested through google, supplying us with a accurate set of passphrases that people are know to use. This list was actually used as the research material for Mark's book, "Perfect Passwords" (Syngress, 2006)
This list is the sorted result of a survey of over 4 million passwords, showing that people tend to use only a very small number of passwords. As Mark Explains: "If you took the surface area of the entire US to represent the available keyspace for 8-char passwords using all keyboard characters, about 90% of all passwords would fit into an area about 3ft square!"
We padded out this list with dictionaries of common words, folded, mangled, parsed and trimmed to create a million word dictionary for your WPA cracking pleasure with minimal overlap to the previous set of tables.
The refinement of using actual common passwords, coupled with the most common SSID's makes this, we believe, the most efficient set of tables possible without calculating the entire keyspace. One can argue that we could have had 2 million words, but we did want this set to be distributable via bittorrent and 40gig is plenty enough.