krack attack wpa2 Social, Tech

WPA2 Key Reinstallation Attacks


WPA2 Key Reinstallation Attacks 

krack attack wpa2

Wi-Fi Protected Access 2 (WPA2), a protocol that secures all modern protected Wi-Fi networks has been found to be vulnerable to key reinstallation attacks. This flaw can be leveraged to steal sensitive information including credit card numbers, passwords, chat messages, emails, photos, etc. The attacker can also inject and manipulate data based on the network configuration. The vulnerability has been reported by a researcher from Belgian university KU Leuven.

KRACK Attack

This works by exploiting a four-way handshake, which is used to establish a key for encrypting traffic. It actually tricks a victim into reinstalling an all-zero encryption key, rather than the real key that forces the client to reset packet numbers containing a cryptographic nonce and other parameters to their initial values to bypass the encryption.

Affected Devices

Android, Linux, and OpenBSD devices are affected in larger extent whereas macOS and Windows are found to be less vulnerable. A vulnerability report has been attached.

Impact

An attacker within the wireless communications range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocol being used. Impacts may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast, broadcast, and multicast frames.

Solution

Install Updates

The WPA2 protocol is ubiquitous in wireless networking. The vulnerabilities described here are in the standard itself as opposed to individual implementations thereof; as such, any correct implementation is likely affected. Users are encouraged to install updates to affected products and hosts as they are available. For information about a specific vendor or product, check the Vendor Information section of this document or contact the vendor directly. Note that the vendor list below is not exhaustive.

Vendor Information

Vendor Status Date Notified Date Updated
Aruba Networks Affected 28 Aug 2017 09 Oct 2017
Cisco Affected 28 Aug 2017 16 Oct 2017
Espressif Systems Affected 22 Sep 2017 13 Oct 2017
Fortinet, Inc. Affected 28 Aug 2017 16 Oct 2017
FreeBSD Project Affected 28 Aug 2017 12 Oct 2017
Google Affected 28 Aug 2017 16 Oct 2017
HostAP Affected 30 Aug 2017 16 Oct 2017
Intel Corporation Affected 28 Aug 2017 10 Oct 2017
Juniper Networks Affected 28 Aug 2017 16 Oct 2017
Microchip Technology Affected 28 Aug 2017 16 Oct 2017
Microsoft Corporation Affected 28 Aug 2017 16 Oct 2017
OpenBSD Affected 28 Aug 2017 16 Oct 2017
Peplink Affected 28 Aug 2017 16 Oct 2017
Red Hat, Inc. Affected 28 Aug 2017 04 Oct 2017
Samsung Mobile Affected 28 Aug 2017 12 Oct 2017

Leave a Reply