0 Replies - 267 Views - Last Post: 16 October 2017 - 09:57 AM

#1 modi123_1  Icon User is online

  • Suitor #2
  • member icon

Reputation: 13493
  • View blog
  • Posts: 53,896
  • Joined: 12-June 08

WPA2 bug - aka "KRACK" - disclosed..

Posted 16 October 2017 - 09:57 AM

Keep yo' devices updated and be on the look out.


The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network.

That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.
At its heart, the flaw is found in the cryptographic nonce, a randomly generated number that's used only once to prevent replay attacks, in which a hacker impersonates a user who was legitimately authenticated. In this case, an attacker can trick a victim into reinstalling a key that's already in use. Reusing the nonce can allow an adversary to attack the encryption by replaying, decrypting, or forging packets.
Windows and latest versions of Apple's iOS are largely immune from the flaws, according to security researcher Kevin Beaumont, in a blog post. However, Vanhoef said the security issue is "exceptionally devastating" for Android 6.0 Marshmallow and above.
White explained, however, that sites and services that provide content over strict HTTPS (known as HSTS) will encrypt traffic from the browser to the server.

In other words, it's still safe to access sites that encrypt your data over an insecure network.


Per their site:


Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, a Wi-Fi client commonly used on Linux.

Linux's wpa_supplicant v2.6 is also vulnerable to the installation of an all-zero encryption key in the 4-way handshake [...] all Android versions higher than 6.0 are also affected by the attack

Is This A Good Question/Topic? 0
  • +

Page 1 of 1