WPA2 protocol used by the majority of wifi connections has been broken by Belgian researchers.

The security protocol used to protect the vast majority of wifi connections has been broken, potentially exposing wireless internet traffic to malicious eavesdroppers and attacks, according to the researcher who discovered the weakness.

Mathy Vanhoef, a security expert at Belgian university KU Leuven, discovered the weakness in the wireless security protocol WPA2, and published details of the flaw on KRACK (Key Reinstallation Attacks) Website

We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks […] Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks […]

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected […] If your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks

A proof of concept shows an attack against an Android smartphone. In addition to allowing data to be decrypted, anything running Marshmallow or later can also be easily fooled into resetting the encryption key to all zeroes. This includes all devices running Nougat or Oreo.

We can take some comfort from the fact that the attack only decrypts data encrypted by the wifi connection itself. If you are accessing a secure website, that data will still be encrypted by the HTTPS protocol. However, there are separate attacks against HTTPS that could be employed.

The attack works by exploiting the comms that goes on when a device joins a wifi network. There is a 4-step process used to confirm first that the device is using the correct password for the wifi router, and then to agree an encryption key that will be used for all the data sent between them during the connection.

In a key reinstallation attack, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. Essentially, to guarantee security, a key should only be installed and used once. Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice.

The practical implication of this is, if you know any of the contents of the data that have been sent between the device and the router, you can use that known data to work out the encryption key. As Vanhoef points out, there is almost always going to be known data being passed at some point, so you have to assume that the encryption can always be cracked. Even if you don’t know any of the content, a sufficient volume of English text would be enough to break the encryption.

With Android and Linux, an attacker doesn’t even have to do that much work: the attacker can simply reset the encryption key.

The good news is that Vanhoef says that WPA2 can be patched to block the attack, and the patch will be backward compatible. Once a patch is available for your router, you should update the firmware without delay.

The Wi-Fi Alliance has issued a security advisory thanking Vanhoef for his work, stating that it is aware of the issue and that major platform providers have already started deploying patches. It says “there is no evidence that the attack has been used in the wild, though the research paper notes that such attacks would be difficult to detect.”

The United States Computer Emergency Readiness Team (Cert) issued a warning on Sunday in response to the vulnerability.

“The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection and others,” the alert says, detailing a number of potential attacks. It adds that, since the vulnerability is in the protocol itself, rather than any specific device or software, “most or all correct implementations of the standard will be affected”.

For More Info Visit : Key Reinstallation Attacks (KRACK)

Source: The Guardian, 9to5 Google

Comments

comments