Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 - The KRACK Wi-Fi Attack

Eli

The KRACK attack on WPA2-protected WiFi networks is recent trending news in information security, less than 3 days old. Discovered by Mathy Vanhoef and Frank Piessens at KU Leuven, KRACK (Key Reinstallation Attack) leverages a vulnerability in the 802.11i four-way handshake in order to facilitate decryption and forgery attacks on encrypted WiFi traffic; see their paper.

The KRACK attack vulnerability has been discussed in detail on a number of technology-related sites, especially cryptographyengineering.com, Linux.com, and Lifehacker.com, and here is the published paper concerning this vulnerability.

Below is a summary of the attack and suggested fixes, as extracted from the Linux.com blog:
  • A flaw in the WPA2 wireless handshake protocol allows attackers to sniff or manipulate the traffic between your device and the wi-fi access point.
  • It is particularly bad for Linux and Android devices, due either to ambiguous wording in the WPA2 standard or to misunderstanding during its implementation. Effectively, until the underlying OS is patched, the vulnerability allows attackers to force all wireless traffic to happen without any encryption at all.
  • This vulnerability can be patched on the client, so the sky hasn’t fallen and the WPA2 wireless encryption standard is not obsoleted in the same sense that the WEP standard is (do NOT “fix” this problem by switching to WEP).
  • Most popular Linux distributions are already shipping updates that fix this vulnerability on the client, so apply your updates dutifully.
  • Android will be shipping fixes for this vulnerability Very Soon. If your device is receiving Android security patches, you will receive a fix before long. If your device is no longer receiving such updates, then this particular vulnerability is merely another reason why you should stop using old, unsupported Android devices.
That said, from my perspective, Wi-Fi is merely another link in the chain of untrusted infrastructure and we should altogether avoid treating it as a trusted communication channel. Find out full details about security measures.