
 
chuckula
Gold subscriber
Gerbil Jedi
Topic Author
Posts: 1571
Joined: Wed Jan 23, 2008 9:18 pm
Location: Probably where I don't belong.

Snapadoodle-Doo WPA2 is Borked

Mon Oct 16, 2017 9:31 am

So the most widely deployed and modern security protocol for 802.11 networks is WiFi Protected Access v2 (WPA2). If you use 802.11, then chances are you are using some form of this protocol for security.

But unfortunately, there has been a major breach of WPA2 at the protocol level. This isn't just a bug in one vendor's implementation of WPA2, but a direct attack on the protocol itself that appears to be effective against just about every widely deployed network stack.

While I haven't read the vulnerabilities in great detail, they appear to be directed to forcing re-use of a "nonce" (number-only-once). Nonces are very commonly used in many encryption protocols and as the name states, the numbers should only be used once to prevent replay attacks and leakage of information that occurs when encryption systems use the same basic key to encrypt multiple sets of data. Without nonces or other equivalent mechanisms, even big cryptographically-secure protocols like AES can be cracked in a similar manner to how you crack the crypto-quip in a newspaper because they are using the same effective key (even if it is a big key) to encrypt multiple sets of data in a manner that can then easily be cracked. Additionally, in 802.11 if you can trick the system into re-using a nonce you could conceivably fool the authentication system into accepting your device by "replaying" an old handshake sequence from another legitimate device so that you can effectively bypass the need to know the password for the access point.

So basically: This is serious. Good news is that there are apparently some patches out to mitigate the issue but the bad news is that we all know that there are millions of wifi access points that don't get regular updates (or are flat out abandoned by their manufacturers) so even if a patch exists somewhere, your particular hardware is very likely still vulnerable.
4770K @ 4.7 GHz; 32GB DDR3-2133; GTX-1080; 512GB 840 Pro (2x); Fractal Define XL-R2; NZXT Kraken-X60
--Many thanks to the TR Forum for advice in getting it built.
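
An added example, not part of the original post: why a repeated nonce leaks information under a stream-style cipher, and a sender-side guard that refuses the repeat. The SHA-256 keystream is a toy stand-in for a real cipher such as AES in counter mode, and every name and sample value here is constructed for illustration.

```python
import hashlib

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy counter-mode keystream (SHA-256 stand-in for a real cipher such as AES-CTR).
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, nonce, len(plaintext)))

class NonceGuard:
    """Sender-side safeguard: never encrypt twice under the same (key, nonce)."""
    def __init__(self):
        self._used = set()

    def encrypt(self, key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
        if (key, nonce) in self._used:
            raise ValueError("nonce reuse refused")
        self._used.add((key, nonce))
        return encrypt(key, nonce, plaintext)

# Constructed sample data (not from any real capture).
KEY = b"constructed-session-key"
P1 = b"first constructed message.."
P2 = b"second constructed message."

def reused_nonce_leaks() -> bool:
    c1 = encrypt(KEY, b"nonce-0001", P1)
    c2 = encrypt(KEY, b"nonce-0001", P2)
    # Same keystream both times, so it cancels: the XOR of the two
    # ciphertexts equals the XOR of the two plaintexts, key not needed.
    return xor(c1, c2) == xor(P1, P2)

def fresh_nonce_leaks() -> bool:
    c1 = encrypt(KEY, b"nonce-0001", P1)
    c2 = encrypt(KEY, b"nonce-0002", P2)
    # Different keystreams: the ciphertext XOR no longer matches.
    return xor(c1, c2) == xor(P1, P2)

def guard_blocks_reuse() -> bool:
    guard = NonceGuard()
    guard.encrypt(KEY, b"nonce-0001", P1)
    try:
        guard.encrypt(KEY, b"nonce-0001", P2)
    except ValueError:
        return True
    return False
```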
 
just brew it!
Gold subscriber
Administrator
Posts: 49718
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Snapadoodle-Doo WPA2 is Borked

Mon Oct 16, 2017 9:54 am

It's a client-side vulnerability, not an AP vulnerability. Good luck getting all those off-brand IoT devices patched.
Nostalgia isn't what it used to be.
 
just brew it!
Gold subscriber
Administrator
Posts: 49718
Joined: Tue Aug 20, 2002 10:51 pm
Location: Somewhere, having a beer

Re: Snapadoodle-Doo WPA2 is Borked

Mon Oct 16, 2017 9:55 am

BTW, we already had a thread for this: viewtopic.php?f=14&t=120185&p=1364886
 
Chrispy_
Gold subscriber
Maximum Gerbil
Posts: 4102
Joined: Fri Apr 09, 2004 3:49 pm
Location: Europe, most frequently London.

Re: Snapadoodle-Doo WPA2 is Borked

Mon Oct 16, 2017 10:09 am

just brew it! wrote:
BTW, we already had a thread for this: viewtopic.php?f=14&t=120185&p=1364886


Yes, but Chuky's thread has a less useful, yet more entertaining thread title. You should totally merge these threads and keep this title.
Congratulations, you've noticed that this year's signature is based on outdated internet memes; CLICK HERE NOW to experience this unforgettable phenomenon. This sentence is just filler and as irrelevant as my signature.
 
chuckula
Gold subscriber
Gerbil Jedi
Topic Author
Posts: 1571
Joined: Wed Jan 23, 2008 9:18 pm
Location: Probably where I don't belong.

Re: Snapadoodle-Doo WPA2 is Borked

Mon Oct 16, 2017 10:14 am

Chrispy_ wrote:
just brew it! wrote:
BTW, we already had a thread for this: viewtopic.php?f=14&t=120185&p=1364886


Yes, but Chuky's thread has a less useful, yet more entertaining thread title. You should totally merge these threads and keep this title.


YOU'RE WELCOME!

Although in fairness, by identifying WPA2 my title is more specific than merely saying "WiFi".
 
Chrispy_
Gold subscriber
Maximum Gerbil
Posts: 4102
Joined: Fri Apr 09, 2004 3:49 pm
Location: Europe, most frequently London.

Re: Snapadoodle-Doo WPA2 is Borked

Mon Oct 16, 2017 11:21 am

True - but WEP and vanilla WPA(1) have been b0rked for years, no?
 
Redocbew
Gold subscriber
Graphmaster Gerbil
Posts: 1350
Joined: Sat Mar 15, 2014 11:44 am

Re: Snapadoodle-Doo WPA2 is Borked

Mon Oct 16, 2017 11:28 am

True, and I believe WPA 2 with TKIP was best to be avoided also.
Do not meddle in the affairs of archers, for they are subtle and you won't hear them coming.
