Wifi is no Longer Secure - WPA2 got KRACKed !

On October 16, 2017, Mathy Vanhoef and Frank Piessens of imec-DistriNet published a paper detailing their discovery of security weaknesses in WPA2. WPA2 (Wi-Fi Protected Access II) is a widely used security protocol developed by the Wi-Fi Alliance for the purpose of  encrypting and securing the traffic on Wi-fi connections between the Wi-fi router and endpoints. WPA2 (and its earlier version WPA) has long replaced its predecessor WEP (Wired Equivalent Privacy) protocol due to serious security weaknesses in the latter.
Dubbed "KRACK" (key reinstallation attack), the vulnerability, if exploited, can allow an attacker the compromise the seemingly secure Wi-fi connection of a user, thus potentially stealing sensitive information like passwords or credit card information. We say "potentially" because nowadays most websites are accessed using secure "HTTPS" connections which encrypts the traffic between the user and the website independently from the encryption occurring on the Wi-fi level between the user and the access-point due to WPA2 protection which is now ineffective. Nevertheless, there are still millions of websites who use the un-encrypted HTTP protocol or that have an erroneous implementation of HTTPS which leaves the users at risk.

"Whenever someone joins a Wi-Fi network, a 4-way handshake is executed to produce a fresh encryption key for all subsequent traffic. To guarantee security, a key should be installed and used only once. But by using the key reinstallation attack (KRACK), an attacker can trick a victim into reinstalling an already-in-use key allowing him to steal sensitive information or even, depending on the network configuration, inject malware into a website." [Source]


Mitigation and Vendors Information:
To mitigate the vulnerability, an OS patch (upgrade) must be performed to a version that fixes this vulnerability. Vendors have already started developing and releasing patches for their Wi-fi products. Below are few links to most common vendors:
A comprehensive list for all vendors can be found here.


Assigned CVEs:
CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.


Proof of Concept:
The below is a proof of concept for KRACK attack against an Android smarphone. Additional information can be found on https://www.krackattacks.com/.


--
Elie Bassil
linkedin.com/in/eliebassil
Latest
Previous
Next Post »