Researchers have discovered a key flaw in the 14-year-old WPA2 WiFi encryption protocol used by pretty much all wi-fi systems. WPA2 (WiFi Protected Access II), it is most common wireless encryption protocol that you’ll find in use on networks such as home, public cafes, etc.
The researchers from KU Leuven University Mathy Vanhoef and Frank Piessens, has just published about this in an article, they call this attack KRACK, for Key Reinstallation Attacks, claim that the attack vector completely opens up an Android 6.0 and later device. Other operating systems, including iOS and macOS are less impacted, but “a large number of packets” can still be decrypted from all.
Here’s how it works. Attackers find a vulnerable WPA2 network, then make a carbon copy of it and impersonate the MAC address, then change the WiFi channel. This new, fake network acts as a “man in the middle,” so when a device attempts to connect to the original network, it can be forced to bypass it and connect to the rogue one.
Normally, WPA2 encryption requires a unique key to encrypt each block of plain text. However, the hack described in the Krack Attack paper forces certain implementations of WPA2 to reuse the same key combination multiple times.
The problem is made worse by Android and Linux, which, thanks to a bug in the WPA2 standard, don’t force the client to demand a unique encryption key each time. Rather, they allow a key to be cleared and replaced by an “all-zero encryption key,” foiling a key part of the handshake process. In some cases, a script can also force a connection to bypass HTTPS, exposing usernames, passwords and other critical data.
The system takes advantage of a flaw in the “handshake” method to direct users to the malicious network. Neither WiFi passwords nor secret keys can be obtained, the researchers say, as the hack works by forging the entire network. As such, it can’t be used to attack routers, but hackers can still eavesdrop on traffic, making it particularly dangerous for corporations.
Fixes can be made by vendors on either the client or router level, and only one of the pair needs to be patched for the vulnerability to be ineffective. A patched computer can connect to an un-patched router and not be vulnerable, and vice-versa. Updates to either will prevent an encryption key from being reused.
How to mitigate the issue until a patch is issued:
Most networks in single-family homes are probably safe. However, in apartment buildings and thickly-settled areas, there remains the potential of attack —if the exploit is as easy to implement as the researchers claim it is.
When and if a patch becomes available for your computers, routers, or other Wi-Fi gear —implement it. If you’re not on macOS Sierra, macOS High Sierra, or iOS 11, it might be time to get there. You can take care of a few things as a protective measure:
- Prefer HTTPS over HTTP.
- Don’t provide confidential details over unencrypted connections as they’re sent in plain text.
- Use VPN services to add an extra layer of security.
- Don’t use public WiFi networks unless it’s necessary.
- Prevent yourself from visiting unknown websites or installing software from untrusted sources.
On November 1, the researchers will discuss their paper titled “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2” at the ACM Conference on Computer and Communications Security, Dallas.