What is the KRACK Attack?

Product Notice: beware of the KRACK Attack

On Monday 10/16/2017, Dutch researchers published a critical vulnerability in the WPA2 wireless security protocol, which is used in most wireless devices at this time. Named KRACK (key reinstallation attacks), it can theoretically be used by attackers to steal sensitive information from unsuspecting wireless users by leveraging flaws in the Wi-Fi standard.

This means all your data is exposed to an attacker if you use Wi-Fi while traveling, at a restaurant's hotspot, at your office, or maybe even at home to browse sensitive data, such as logging in to your bank or your favorite private social media. For this to work, an attacker has to be physically present within range of your Wi-Fi network.
If you own a wireless hotspot, we recommend having it updated/patched against this vulnerability so that you can use your own patched, secure wireless network. If you have to connect to public Wi-Fi, beware of non-encrypted sites and try to use a VPN when possible.

We strongly recommend contacting us to secure your wireless networks, since you may be vulnerable at this time. If you own a website, we recommend installing SSL encryption.

How does KRACK work?

When a client joins a network, it executes the 4-way handshake to negotiate a fresh encryption key. It will install this key after receiving message 3 of the 4-way handshake. Once the key is installed, it will be used to encrypt normal data frames using an encryption protocol.

However, because messages may be lost or dropped, the Access Point (AP) will retransmit message 3 if it did not receive an appropriate response as acknowledgment. As a result, the client may receive message 3 multiple times. Each time it receives this message, it will reinstall the same encryption key, and thereby reset the incremental transmit packet number (nonce) and receive replay counter used by the encryption protocol.

In a key reinstallation attack, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. An attacker who has managed to achieve a Man-in-the-Middle position can force this same reset.

Additionally, from a Man-in-the-Middle position the attacker can easily convert HTTPS links to HTTP, forcing browsers to use unencrypted connections and exposing all connection data in plain text.

Several types of cryptographic Wi-Fi handshakes are affected by the attack: Four-way, Group Key, PeerKey, TDLS, and fast BSS Transition. The different CVE numbers assigned to the vulnerability reflect specific instantiations of the KRACK attack, so that it’s easier to track which products are affected by which instantiation.


APPLIES TO

• All WPA2 vulnerable devices

References:
https://www.krackattacks.com/
courtesy of VND

 

By Javier Oblitas

