KRACK, the new vulnerability in WPA2 Wi-Fi standard

17/10/2017
Author Avatar
Maxime Lamarche
Technical Engineer, EASI

A new vulnerability in the WPA2 Wireless security standard has been discovered! Who is impacted? How to protect yourself? Read our article to know everything about this new security breach!

Let's start with the beginning.

What's WPA2 wireless standard?

Wi-Fi Protected Access 2 is a network security technology commonly used on wireless networks. This standard is the upgrade of the original WPA technology, which was designed as a replacement to the much less secure WEP (Wired Equivalent Privacy).

How does the WPA2 standard work? There are two different ways to use WPA2:

  • WPA Personal: This method uses a Pre-Shared Key, which will be used by the client to connect to the Access Point. You only need a password to authenticate.
  • WPA Enterprise: This method imposes the use of an 802.1x authentication infrastructure (e.g RADIUS) to authenticate the user. You need a username and a password to authenticate.

What is KRACK?

Key Reinstallation Attacks is a new technique that could be used by attackers to read information which was previously assumed to be safely encrypted. It could be passwords, credit card numbers or all other sensitive data that transits via your wireless network.

Who is concerned?

Unfortunately, because the vulnerability is on the standard itself, all operating systems are affected. You can find the complete list here.

How it works?

The attacker tricks the victim by reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. Essentially, to guarantee security, a key should only be installed and used once. Unfortunately, this is not guaranteed by the WPA2 protocol.

How to protect yourself or your company?

Currently, there is no real solution but most of the vendors will release as soon as possible a patch to this vulnerability. Therefore, you can check on your vendors' website for a new firmware release to patch your current Wireless network.

If you want more information, you can check this website: https://www.krackattacks.com/

 

Current job openings

Sign up to our newsletter

Follow us

  

Share this article