WPA2 protocol violated: Wi-Fi networks are vulnerable

Tuesday, 17 Oct, 2017

Some readers have asked if MAC address filtering will protect against this attack.

As scary as this attack sounds, there are several mitigating factors at work here. The fix recommended to users is to update all Wi-Fi clients and continue to use WPA2 (security in WPA1 and WEP is worse still).

What KRACK does is highlight a flaw in the widely used wireless security protocol called WPA2.

"The vulnerability is serious, but to exploit it the criminal has to be physically near the computer they want to attack", said Dr Murdoch. Not having one puts you at risk for all sorts of attacks.

At various times during an encrypted wireless connection, you (the client) and the access point (the AP) need to agree on security keys. Here's some one-time random data to help compute it. The organization is keeping a running list of affected vendors. The hacker only needs to be within range of your Wi-Fi (not logged into your network) to take advantage of it and steal your data. As a result, the same encryption key is used with nonce values that have already been used in the past.

So we're all doomed, right?

An attack may also be a challenge for hackers to execute.

"Still, the vulnerability highlights the challenge of defending a 'perimeter-less' network". Major platform providers have already started deploying patches. "In general, any data or information that the victim transmits can be decrypted ..."

Finally, consider browsing the Web with an extension or browser add-on like HTTPS Everywhere, which forces any site that supports https:// connections to encrypt your communications with the Web site - regardless of whether this is the default for that site.

The mathematical certainty in the protocol now meets cryptographic sloppiness in its implementation.

While Windows and Apple iOS devices are not vulnerable to the four-way handshake attack, they are vulnerable to the group key handshake attack and the Fast BSS attack.

He wrote: "There are plenty of nasty attacks people will be able to do this".

Now you're getting it.

"Currently, all modern protected Wi-Fi networks use the" specific kind of handshake that is liable to attack, Mr Vanhoef wrote.

The bug is in the Wi-Fi standard itself, meaning it essentially impacts every device that connects over Wi-Fi - which is everything from your smartphone to your laptop, and much more besides. However, news on either of those topics remains sparse, and ZDNet says as of this morning that "Wi-Fi should be considered a no-go zone for anything mission critical".

Luckily, the WPA2 flaw doesn't affect secure websites, so your personal information should be safe if you limit your internet surfing to these sites.

Linux and Android are especially vulnerable to the hack because of a flaw that installs an "all-zero encryption key" rather than reinstalling a proper key, which "makes it trivial to intercept and manipulate traffic" sent by these devices. In the immediate term, patching client devices is the highest priority.

Sophos Customers should read knowledgebase article 127658.

That could change if this bug goes "airborne", she notes, and hackers figure out how to target Wi-Fi connections from a distance, but so far that isn't possible.