WPA2 security hole KRACKs Wi-Fi networks wide open

Wayne Manion

The United States Computer Emergency Readiness Team has issued a warning about a new attack that affects Wi-Fi networks using the commonly used WPA2 protocol. The vulnerability is called a KRACK attack and affects the four-way handshake that occurs between an access point and a client device when the client wants to join the protected network.

By manipulating and replaying cryptographic handshake messages, attackers can force the reuse of a cryptographic nonce with a key already in use, which lets them decrypt packets on WPA2 networks. Should the attack succeed, it's then possible to monitor any and all otherwise unencrypted traffic going through the network. Most Wi-Fi-enabled devices and operating systems are affected by this vulnerability to some degree, including Linux, Windows, Android, and iOS, as well as most Wi-Fi routers and access points.

The attack was discovered by Mathy Vanhoef of the imec-DistriNet research group. The researcher named the attack after its method of action, a Key Reinstallation Attack. Successful attackers could potentially decrypt and inject arbitrary packets, hijack TCP connections, inject HTTP content, and replay unicast and group-addressed frames. Vanhoef believes the overwhelming majority of existing WPA2 client devices are vulnerable to some version of the attack, and comments that Android 6.0 and higher and Linux devices are particularly vulnerable.

The researcher goes on to say that WPA2 implementations can be patched in a backwards-compatible manner, meaning that a patched client can communicate with an unpatched access point, and vice versa. Also, a security update on either side of the handshake communication can ensure that keys are not reused. Even so, vulnerable devices should likely not be allowed to continue operating on a network. Given the relaxed pace of software updates within the Android and wireless router manufacturing sectors, KRACK attacks could potentially be a popular attack vector for years to come. Vanhoef produced a brief demonstration video of an attack against an Android 6.0 device.
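The nonce reuse and the patched behaviour described above can be seen in a toy model, added here as an illustration and not taken from Vanhoef's paper or any vendor's code. It assumes a simplified client whose packet number is the per-frame nonce, uses a SHA-256 counter keystream as a stand-in for AES-CCMP, and all names and sample data are constructed.

```python
import hashlib

def keystream(key: bytes, pn: int, n: int) -> bytes:
    # Stand-in stream cipher (SHA-256 in counter mode); real WPA2 uses AES-CCMP.
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + pn.to_bytes(6, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Client:
    """Toy supplicant (hypothetical): the packet number pn is the per-frame nonce."""
    def __init__(self, patched: bool):
        self.patched, self.key, self.pn = patched, None, 0

    def on_message3(self, key: bytes) -> None:
        # Patched model: a retransmitted message 3 carrying the key already
        # in use must not reinstall it, so the nonce counter keeps counting.
        if self.patched and key == self.key:
            return
        self.key, self.pn = key, 0   # (re)installation resets the nonce

    def send(self, plaintext: bytes):
        self.pn += 1
        return self.pn, xor(plaintext, keystream(self.key, self.pn, len(plaintext)))

# Constructed sample data, equal length so the XOR lines up.
KEY = b"constructed-session-key"
P1 = b"frame-one: known text"
P2 = b"frame-two: secret txt"

def simulate(patched: bool):
    client = Client(patched)
    client.on_message3(KEY)
    first = client.send(P1)
    client.on_message3(KEY)          # replayed handshake message 3
    return first, client.send(P2)

def reused_nonce(frames) -> bool:
    pns = [pn for pn, _ in frames]
    return len(pns) != len(set(pns))

def recover_second(frames, known_first: bytes) -> bytes:
    # With one keystream used twice, c1 ^ c2 == p1 ^ p2.
    (_, c1), (_, c2) = frames
    return xor(xor(c1, c2), known_first)

if __name__ == "__main__":
    for patched in (False, True):
        frames = simulate(patched)
        print(patched, reused_nonce(frames), recover_second(frames, P1) == P2)
```

In the unpatched model both frames carry packet number 1, so knowing one plaintext reveals the other; in the patched model the counter advances to 2 and the same XOR yields nothing useful.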

The author recommends using WPA2 with AES-CCMP as a mitigation measure, seeing as the WPA-TKIP and GCMP protocols are subject to packet forging and injection in addition to decryption. GCMP is used in WiGig and will likely increase in popularity as the 802.11ad wireless standard spreads. Visiting only SSL-secured websites or using a VPN can deliver an additional layer of protection, too.

For its part, Microsoft is already in the process of pushing out a security update to address the KRACK vulnerability on Windows clients. The Wi-Fi Alliance has likewise published an update indicating that it now requires testing for this vulnerability in its certification lab.

Vanhoef will be presenting the research behind the attack at the Computer and Communications Security Conference and the Black Hat Europe conference. A detailed research paper is available now for those interested in some dense reading. We recommend all wireless readers read US CERT's advisory and Vanhoef's KRACK web page.
